You've already forked reposilite-charts
							
							Compare commits
	
		
			72 Commits
		
	
	
		
			0.1.3
			...
			d2c329e1be
		
	
	| Author | SHA1 | Date | |
|---|---|---|---|
| d2c329e1be | |||
| db5e38cef1 | |||
| 1fe7bc604e | |||
| fa43188e03 | |||
| 99ed88068a | |||
| 95fd713da6 | |||
| 671a635627 | |||
| 13fbb0ecc0 | |||
| 8835a8cde1 | |||
| 7d479fe629 | |||
| edacc04893 | |||
| 3c64ebfef4 | |||
| 15d2c31512 | |||
| 93ef09b878 | |||
| b5368314d6 | |||
| 60643bdaf4 | |||
| e3880f5f00 | |||
| a20f370eaf | |||
| d6de6ce37a | |||
| 334a8b877b | |||
| ba1fd42cfc | |||
| 70faa1ff8f | |||
| d7d5bc4dae | |||
| a3f1ab1850 | |||
| c4919a6bfc | |||
| 6ca6f583d3 | |||
| 0d10fb2cdc | |||
| a373c49e2a | |||
| 633d4f1bfd | |||
| cc201633de | |||
| 64c20379a2 | |||
| 98ec01a217 | |||
| 796c257d0a | |||
| 387547e813 | |||
| e16a1ff2ed | |||
| c8d8efeae3 | |||
| 2a7d111525 | |||
| 64de0eb8ea | |||
| 413fe95b86 | |||
| de8ef2b201 | |||
| 6e38335808 | |||
| 7704e83f9e | |||
| de0a6a5995 | |||
| 212a9c9ff1 | |||
| c70210c34b | |||
| 0eebc69f74 | |||
| 64a10a120a | |||
| 3dc7acaae9 | |||
| acd89e268b | |||
| bd0d9fad33 | |||
| bbe3a3493f | |||
| c4471c10c2 | |||
| f557cc241a | |||
| bac48c6ca2 | |||
| 608b3fc8c8 | |||
| 5d7738e6b1 | |||
| 6790331b84 | |||
| ff63eeeca6 | |||
| 4346eb8c08 | |||
| c215c39ed6 | |||
| 890f4e260f | |||
| 149d9e9a6c | |||
| d06452af30 | |||
| 0d7ac396a2 | |||
| 2cc97c0ce7 | |||
| 09cb41bb18 | |||
| ad63a7eae8 | |||
| 29bd192d7a | |||
| 6943237ee3 | |||
| a85483cbe2 | |||
| 3aa8b8746e | |||
| caa0488db7 | 
| @@ -15,7 +15,7 @@ on: | |||||||
| jobs: | jobs: | ||||||
|   generate-parameters: |   generate-parameters: | ||||||
|     container: |     container: | ||||||
|       image: docker.io/library/node:24.1.0-alpine |       image: docker.io/library/node:24.10.0-alpine | ||||||
|     runs-on: |     runs-on: | ||||||
|     - ubuntu-latest |     - ubuntu-latest | ||||||
|     steps: |     steps: | ||||||
| @@ -23,7 +23,7 @@ jobs: | |||||||
|       run: | |       run: | | ||||||
|         apk update |         apk update | ||||||
|         apk add git npm |         apk add git npm | ||||||
|     - uses: actions/checkout@v4.2.2 |     - uses: actions/checkout@v5.0.0 | ||||||
|     - name: Generate parameter section in README |     - name: Generate parameter section in README | ||||||
|       run: | |       run: | | ||||||
|         npm install |         npm install | ||||||
|   | |||||||
| @@ -13,7 +13,7 @@ on: | |||||||
| jobs: | jobs: | ||||||
|   helm-lint: |   helm-lint: | ||||||
|     container: |     container: | ||||||
|       image: docker.io/volkerraschek/helm:3.18.2 |       image: docker.io/volkerraschek/helm:3.19.0 | ||||||
|     runs-on: |     runs-on: | ||||||
|     - ubuntu-latest |     - ubuntu-latest | ||||||
|     steps: |     steps: | ||||||
| @@ -21,14 +21,14 @@ jobs: | |||||||
|       run: | |       run: | | ||||||
|         apk update |         apk update | ||||||
|         apk add git npm |         apk add git npm | ||||||
|     - uses: actions/checkout@v4.2.2 |     - uses: actions/checkout@v5.0.0 | ||||||
|     - name: Lint helm files |     - name: Lint helm files | ||||||
|       run: | |       run: | | ||||||
|         helm lint --values values.yaml . |         helm lint --values values.yaml . | ||||||
|  |  | ||||||
|   helm-unittest: |   helm-unittest: | ||||||
|     container: |     container: | ||||||
|       image: docker.io/volkerraschek/helm:3.18.2 |       image: docker.io/volkerraschek/helm:3.19.0 | ||||||
|     runs-on: |     runs-on: | ||||||
|     - ubuntu-latest |     - ubuntu-latest | ||||||
|     steps: |     steps: | ||||||
| @@ -36,7 +36,7 @@ jobs: | |||||||
|       run: | |       run: | | ||||||
|         apk update |         apk update | ||||||
|         apk add git npm |         apk add git npm | ||||||
|     - uses: actions/checkout@v4.2.2 |     - uses: actions/checkout@v5.0.0 | ||||||
|     - name: Unittest |     - name: Unittest | ||||||
|       run: | |       run: | | ||||||
|         helm unittest --strict --file 'unittests/**/*.yaml' ./ |         helm unittest --strict --file 'unittests/**/*.yaml' ./ | ||||||
| @@ -15,7 +15,7 @@ on: | |||||||
| jobs: | jobs: | ||||||
|   markdown-link-checker: |   markdown-link-checker: | ||||||
|     container: |     container: | ||||||
|       image: docker.io/library/node:24.1.0-alpine |       image: docker.io/library/node:24.10.0-alpine | ||||||
|     runs-on: |     runs-on: | ||||||
|     - ubuntu-latest |     - ubuntu-latest | ||||||
|     steps: |     steps: | ||||||
| @@ -23,7 +23,7 @@ jobs: | |||||||
|       run: | |       run: | | ||||||
|         apk update |         apk update | ||||||
|         apk add git npm |         apk add git npm | ||||||
|     - uses: actions/checkout@v4.2.2 |     - uses: actions/checkout@v5.0.0 | ||||||
|     - name: Verify links in markdown files |     - name: Verify links in markdown files | ||||||
|       run: | |       run: | | ||||||
|         npm install |         npm install | ||||||
| @@ -31,7 +31,7 @@ jobs: | |||||||
|  |  | ||||||
|   markdown-lint: |   markdown-lint: | ||||||
|     container: |     container: | ||||||
|       image: docker.io/library/node:24.1.0-alpine |       image: docker.io/library/node:24.10.0-alpine | ||||||
|     runs-on: |     runs-on: | ||||||
|     - ubuntu-latest |     - ubuntu-latest | ||||||
|     steps: |     steps: | ||||||
| @@ -39,7 +39,7 @@ jobs: | |||||||
|       run: | |       run: | | ||||||
|         apk update |         apk update | ||||||
|         apk add git |         apk add git | ||||||
|     - uses: actions/checkout@v4.2.2 |     - uses: actions/checkout@v5.0.0 | ||||||
|     - name: Lint markdown files |     - name: Lint markdown files | ||||||
|       run: | |       run: | | ||||||
|         npm install |         npm install | ||||||
|   | |||||||
| @@ -8,7 +8,7 @@ on: | |||||||
| jobs: | jobs: | ||||||
|   publish-chart: |   publish-chart: | ||||||
|     container: |     container: | ||||||
|       image: docker.io/volkerraschek/helm:3.18.2 |       image: docker.io/volkerraschek/helm:3.19.0 | ||||||
|     runs-on: ubuntu-latest |     runs-on: ubuntu-latest | ||||||
|     steps: |     steps: | ||||||
|       - name: Install packages via apk |       - name: Install packages via apk | ||||||
| @@ -16,7 +16,7 @@ jobs: | |||||||
|           apk update |           apk update | ||||||
|           apk add git npm jq yq |           apk add git npm jq yq | ||||||
|  |  | ||||||
|       - uses: actions/checkout@v4 |       - uses: actions/checkout@v5.0.0 | ||||||
|         with: |         with: | ||||||
|           fetch-depth: 0 |           fetch-depth: 0 | ||||||
|  |  | ||||||
|   | |||||||
							
								
								
									
										4
									
								
								.gitignore
									
									
									
									
										vendored
									
									
								
							
							
						
						
									
										4
									
								
								.gitignore
									
									
									
									
										vendored
									
									
								
							| @@ -1,6 +1,6 @@ | |||||||
| charts | charts | ||||||
| node_modules | node_modules | ||||||
| target | target | ||||||
| values2.yml | values[0-9].yml | ||||||
| values2.yaml | values[0-9].yaml | ||||||
| *.tgz | *.tgz | ||||||
|   | |||||||
							
								
								
									
										8
									
								
								.vscode/settings.json
									
									
									
									
										vendored
									
									
										Normal file
									
								
							
							
						
						
									
										8
									
								
								.vscode/settings.json
									
									
									
									
										vendored
									
									
										Normal file
									
								
							| @@ -0,0 +1,8 @@ | |||||||
|  | { | ||||||
|  |   "yaml.schemas": { | ||||||
|  |     "https://raw.githubusercontent.com/helm-unittest/helm-unittest/v1.0.2/schema/helm-testsuite.json": [ | ||||||
|  |       "/unittests/**/*.yaml" | ||||||
|  |     ] | ||||||
|  |   }, | ||||||
|  |   "yaml.schemaStore.enable": true | ||||||
|  | } | ||||||
| @@ -5,7 +5,7 @@ annotations: | |||||||
|     - name: support |     - name: support | ||||||
|       url: https://git.cryptic.systems/volker.raschek/reposilite-charts/issues |       url: https://git.cryptic.systems/volker.raschek/reposilite-charts/issues | ||||||
| apiVersion: v2 | apiVersion: v2 | ||||||
| appVersion: "3.5.25" | appVersion: "3.5.26" | ||||||
| description: | | description: | | ||||||
|   Lightweight and easy-to-use repository management software |   Lightweight and easy-to-use repository management software | ||||||
|   dedicated for the Maven based artifacts in the JVM ecosystem |   dedicated for the Maven based artifacts in the JVM ecosystem | ||||||
|   | |||||||
							
								
								
									
										17
									
								
								Makefile
									
									
									
									
									
								
							
							
						
						
									
										17
									
								
								Makefile
									
									
									
									
									
								
							| @@ -4,13 +4,13 @@ CONTAINER_RUNTIME?=$(shell which podman) | |||||||
| # HELM_IMAGE | # HELM_IMAGE | ||||||
| HELM_IMAGE_REGISTRY_HOST?=docker.io | HELM_IMAGE_REGISTRY_HOST?=docker.io | ||||||
| HELM_IMAGE_REPOSITORY?=volkerraschek/helm | HELM_IMAGE_REPOSITORY?=volkerraschek/helm | ||||||
| HELM_IMAGE_VERSION?=3.18.2 # renovate: datasource=docker registryUrl=https://registry-nexus.orbis.dedalus.com depName=volkerraschek/helm | HELM_IMAGE_VERSION?=3.19.0 # renovate: datasource=docker registryUrl=https://docker.io depName=docker.io/volkerraschek/helm | ||||||
| HELM_IMAGE_FULLY_QUALIFIED=${HELM_IMAGE_REGISTRY_HOST}/${HELM_IMAGE_REPOSITORY}:${HELM_IMAGE_VERSION} | HELM_IMAGE_FULLY_QUALIFIED=${HELM_IMAGE_REGISTRY_HOST}/${HELM_IMAGE_REPOSITORY}:${HELM_IMAGE_VERSION} | ||||||
|  |  | ||||||
| # NODE_IMAGE | # NODE_IMAGE | ||||||
| NODE_IMAGE_REGISTRY_HOST?=docker.io | NODE_IMAGE_REGISTRY_HOST?=docker.io | ||||||
| NODE_IMAGE_REPOSITORY?=library/node | NODE_IMAGE_REPOSITORY?=library/node | ||||||
| NODE_IMAGE_VERSION?=24.1.0-alpine # renovate: datasource=docker registryUrl=https://docker.io depName=docker.io/library/node packageName=library/node | NODE_IMAGE_VERSION?=24.10.0-alpine # renovate: datasource=docker registryUrl=https://docker.io depName=docker.io/library/node packageName=library/node | ||||||
| NODE_IMAGE_FULLY_QUALIFIED=${NODE_IMAGE_REGISTRY_HOST}/${NODE_IMAGE_REPOSITORY}:${NODE_IMAGE_VERSION} | NODE_IMAGE_FULLY_QUALIFIED=${NODE_IMAGE_REGISTRY_HOST}/${NODE_IMAGE_REPOSITORY}:${NODE_IMAGE_VERSION} | ||||||
|  |  | ||||||
| # MISSING DOT | # MISSING DOT | ||||||
| @@ -18,6 +18,19 @@ NODE_IMAGE_FULLY_QUALIFIED=${NODE_IMAGE_REGISTRY_HOST}/${NODE_IMAGE_REPOSITORY}: | |||||||
| missing-dot: | missing-dot: | ||||||
| 	grep --perl-regexp '## @(param|skip).*[^.]$$' values.yaml | 	grep --perl-regexp '## @(param|skip).*[^.]$$' values.yaml | ||||||
|  |  | ||||||
|  | # README | ||||||
|  | # ============================================================================== | ||||||
|  | readme: readme/link readme/lint readme/parameters | ||||||
|  |  | ||||||
|  | readme/link: | ||||||
|  | 	npm install && npm run readme:link | ||||||
|  |  | ||||||
|  | readme/lint: | ||||||
|  | 	npm install && npm run readme:lint | ||||||
|  |  | ||||||
|  | readme/parameters: | ||||||
|  | 	npm install && npm run readme:parameters | ||||||
|  |  | ||||||
| # CONTAINER RUN - README | # CONTAINER RUN - README | ||||||
| # ============================================================================== | # ============================================================================== | ||||||
| PHONY+=container-run/readme | PHONY+=container-run/readme | ||||||
|   | |||||||
							
								
								
									
										230
									
								
								README.md
									
									
									
									
									
								
							
							
						
						
									
										230
									
								
								README.md
									
									
									
									
									
								
							| @@ -2,6 +2,10 @@ | |||||||
|  |  | ||||||
| [](https://artifacthub.io/packages/search?repo=volker-raschek) | [](https://artifacthub.io/packages/search?repo=volker-raschek) | ||||||
|  |  | ||||||
|  | > [!NOTE] | ||||||
|  | > This is not the official helm chart of Reposilite. If you are looking for the official helm chart, checkout the GitHub | ||||||
|  | > project [reposilite-playground](https://github.com/reposilite-playground/reposilite-helm). | ||||||
|  |  | ||||||
| This helm chart enables the deployment of [Reposilite](https://github.com/dzikoysk/reposilite), a lightweight and | This helm chart enables the deployment of [Reposilite](https://github.com/dzikoysk/reposilite), a lightweight and | ||||||
| easy-to-use repository management software dedicated for the Maven-based artifacts in the JVM ecosystem. | easy-to-use repository management software dedicated for the Maven-based artifacts in the JVM ecosystem. | ||||||
|  |  | ||||||
| @@ -12,7 +16,10 @@ Chapter [configuration and installation](#helm-configuration-and-installation) d | |||||||
| and use it to deploy the exporter. It also contains further configuration examples. | and use it to deploy the exporter. It also contains further configuration examples. | ||||||
|  |  | ||||||
| Furthermore, this helm chart contains unit tests to detect regressions and stabilize the deployment. Additionally, this | Furthermore, this helm chart contains unit tests to detect regressions and stabilize the deployment. Additionally, this | ||||||
| helm chart is tested for deployment scenarios with **ArgoCD**. | helm chart is tested for deployment scenarios with **ArgoCD**, but please keep in mind, that this chart supports the | ||||||
|  | *[Automatically Roll Deployment](https://helm.sh/docs/howto/charts_tips_and_tricks/#automatically-roll-deployments)* | ||||||
|  | concept of Helm, which can trigger unexpected rolling releases. Further configuration instructions are described in a | ||||||
|  | separate [chapter](#argocd). | ||||||
|  |  | ||||||
| ## Helm: configuration and installation | ## Helm: configuration and installation | ||||||
|  |  | ||||||
| @@ -33,7 +40,7 @@ version of the chart must be in sync with the `values.yaml`. Newer *minor* versi | |||||||
| versions can break something! | versions can break something! | ||||||
|  |  | ||||||
| ```bash | ```bash | ||||||
| CHART_VERSION=0.1.0 | CHART_VERSION=0.3.0 | ||||||
| helm show values volker.raschek/reposilite --version "${CHART_VERSION}" > values.yaml | helm show values volker.raschek/reposilite --version "${CHART_VERSION}" > values.yaml | ||||||
| ``` | ``` | ||||||
|  |  | ||||||
| @@ -47,7 +54,7 @@ The helm chart also contains a persistent volume claim definition. It persistent | |||||||
| Use the `--set` argument to persist your data. | Use the `--set` argument to persist your data. | ||||||
|  |  | ||||||
| ```bash | ```bash | ||||||
| CHART_VERSION=0.1.0 | CHART_VERSION=0.3.0 | ||||||
| helm install --version "${CHART_VERSION}" reposilite volker.raschek/reposilite \ | helm install --version "${CHART_VERSION}" reposilite volker.raschek/reposilite \ | ||||||
|   persistentVolumeClaim.enabled=true |   persistentVolumeClaim.enabled=true | ||||||
| ``` | ``` | ||||||
| @@ -68,7 +75,7 @@ connection problems. | |||||||
| > error. | > error. | ||||||
|  |  | ||||||
| ```bash | ```bash | ||||||
| CHART_VERSION=0.1.0 | CHART_VERSION=0.3.0 | ||||||
| helm install --version "${CHART_VERSION}" reposilite volker.raschek/reposilite \ | helm install --version "${CHART_VERSION}" reposilite volker.raschek/reposilite \ | ||||||
|   --set 'deployment.reposilite.env[1].name=REPOSILITE_LOCAL_SSLENABLED' \ |   --set 'deployment.reposilite.env[1].name=REPOSILITE_LOCAL_SSLENABLED' \ | ||||||
|   --set 'deployment.reposilite.env[1].value="true"' \ |   --set 'deployment.reposilite.env[1].value="true"' \ | ||||||
| @@ -118,14 +125,15 @@ deployment: | |||||||
|     secret.reloader.stakater.com/reload: "reposilite-tls" |     secret.reloader.stakater.com/reload: "reposilite-tls" | ||||||
| ``` | ``` | ||||||
|  |  | ||||||
| ### Network policies | #### Network policies | ||||||
|  |  | ||||||
| Network policies can only take effect, when the used CNI plugin support network policies. The chart supports no custom | Network policies can only take effect, when the used CNI plugin support network policies. The chart supports no custom | ||||||
| network policy implementation of CNI plugins. It's support only the official API resource of `networking.k8s.io/v1`. | network policy implementation of CNI plugins. It's support only the official API resource of `networking.k8s.io/v1`. | ||||||
|  |  | ||||||
| The example below is an excerpt of the `values.yaml` file. The network policy contains ingress rules to allow incoming | The example below is an excerpt of the `values.yaml` file. The network policy contains ingress rules to allow incoming | ||||||
| traffic from an ingress controller. Additionally one egress rule is defined, to allow the application outgoing access | traffic from an ingress controller. Additionally two egress rules are defined. The first one to allow the application | ||||||
| to the internal running DNS server `core-dns`. | outgoing access to the internal running DNS server `core-dns`. The second rule to be able to access the Apache Maven | ||||||
|  | Central repository via HTTPS. | ||||||
|  |  | ||||||
| > [!IMPORTANT] | > [!IMPORTANT] | ||||||
| > Please keep in mind, that the namespace and pod selector labels can be different from environment to environment. For | > Please keep in mind, that the namespace and pod selector labels can be different from environment to environment. For | ||||||
| @@ -152,6 +160,10 @@ networkPolicies: | |||||||
|       protocol: TCP |       protocol: TCP | ||||||
|     - port: 53 |     - port: 53 | ||||||
|       protocol: UDP |       protocol: UDP | ||||||
|  |   - ports: | ||||||
|  |     - port: 443 | ||||||
|  |       protocol: TCP | ||||||
|  |  | ||||||
|   ingress: |   ingress: | ||||||
|   - from: |   - from: | ||||||
|     - namespaceSelector: |     - namespaceSelector: | ||||||
| @@ -165,6 +177,86 @@ networkPolicies: | |||||||
|       protocol: TCP |       protocol: TCP | ||||||
| ``` | ``` | ||||||
|  |  | ||||||
|  | ### Prometheus | ||||||
|  |  | ||||||
|  | Reposilite is not able to expose metrics by default. Reposilite requires an additional plugin to expose the metrics via | ||||||
|  | `/metrics`. The plugin will be downloaded from Apache Maven Central, when the plugin is enabled directly or the | ||||||
|  | Prometheus feature has been enabled. The plugin is a simple JAR file, which will be stored in `/app/data/plugins`. | ||||||
|  |  | ||||||
|  | Furthermore, Reposilite will not expose the metrics without protection. For this reason must be defined basic auth | ||||||
|  | credentials. By default generate the helm chart a random username and password for basic auth. For debugging propose can | ||||||
|  | be set the credentials manually. | ||||||
|  |  | ||||||
|  | The following example enable Prometheus metrics with custom basic auth credentials: | ||||||
|  |  | ||||||
|  | ```bash | ||||||
|  | CHART_VERSION=0.3.0 | ||||||
|  | helm install --version "${CHART_VERSION}" reposilite volker.raschek/reposilite \ | ||||||
|  |   --set 'prometheus.metrics.enabled=true' \ | ||||||
|  |   --set 'prometheus.metrics.basicAuthUsername=my-username' \ | ||||||
|  |   --set 'prometheus.metrics.basicAuthUsername=my-password' | ||||||
|  | ``` | ||||||
|  |  | ||||||
|  | ## ArgoCD | ||||||
|  |  | ||||||
|  | ### Daily execution of rolling updates | ||||||
|  |  | ||||||
|  | The behavior whereby ArgoCD triggers a rolling update even though nothing appears to have changed often occurs in | ||||||
|  | connection with the helm concept `checksum/secret`, `checksum/configmap` or more generally, [Automatically Roll | ||||||
|  | Deployments](https://helm.sh/docs/howto/charts_tips_and_tricks/#automatically-roll-deployments). Please ensure, that no | ||||||
|  | third party application modifies the config maps or secret afterwards. | ||||||
|  |  | ||||||
|  | The problem with combining this concept with ArgoCD is that ArgoCD re-renders the Helm chart every time. Even if the | ||||||
|  | content of the config map or secret has not changed, there may be minimal differences (e.g., whitespace, chart version, | ||||||
|  | Helm render order, different timestamps). | ||||||
|  |  | ||||||
|  | This changes the SHA256 hash, Argo sees a drift and trigger a rolling update of the deployment. Among other things, this | ||||||
|  | can lead to unnecessary notifications from ArgoCD. | ||||||
|  |  | ||||||
|  | To avoid this, the annotation with the shasum can be ignored. However, this negates the mechanism of [Automatically Roll | ||||||
|  | Deployments](https://helm.sh/docs/howto/charts_tips_and_tricks/#automatically-roll-deployments). | ||||||
|  |  | ||||||
|  | Below is a diff that adds the `Application` to ignore all annotations with the prefix `checksum`. | ||||||
|  |  | ||||||
|  | > [!WARNING] | ||||||
|  | > Configurations of `ignoreDifferences` always refer to the determination of a drift and whether a possible sync is | ||||||
|  | > necessary. If the selected attributes should also be ignored in deployment afterwards, define | ||||||
|  | > `RespectIgnoreDifferences=true` in your `Application` resource. Further information can be found in the ArgoCD | ||||||
|  | > [documentation](https://argo-cd.readthedocs.io/en/latest/user-guide/sync-options/#respect-ignore-differences-configs). | ||||||
|  |  | ||||||
|  | ```diff | ||||||
|  |   apiVersion: argoproj.io/v1alpha1 | ||||||
|  |   kind: Application | ||||||
|  |   spec: | ||||||
|  | +   ignoreDifferences: | ||||||
|  | +   - group: apps | ||||||
|  | +     kind: Deployment | ||||||
|  | +     jqPathExpressions: | ||||||
|  | +     - '.spec.template.metadata.annotations | with_entries(select(.key | startswith("checksum")))' | ||||||
|  | ``` | ||||||
|  |  | ||||||
|  | The definition of ignoreDifferences ensures that annotations with the prefix checksum are ignored during a diff. | ||||||
|  |  | ||||||
|  | > [!TIP] | ||||||
|  | > If the [reloader](https://github.com/stakater/Reloader) is configured as described in section [TLS certificate | ||||||
|  | > rotation](#tls-certificate-rotation), ensure that the shasum defined as annotation or environment variable is also | ||||||
|  | > ignored. The [reloader](https://github.com/stakater/Reloader) will modify the deployment based on his configuration | ||||||
|  | > and append additional annotations or environment variables containing the shasum. Below are some examples how to adapt | ||||||
|  | > the `ignoreDifferences` configuration to ignore only the annotations and environment variables of stakater's | ||||||
|  | > [reloader](https://github.com/stakater/Reloader). | ||||||
|  |  | ||||||
|  | ```diff | ||||||
|  |   apiVersion: argoproj.io/v1alpha1 | ||||||
|  |   kind: Application | ||||||
|  |   spec: | ||||||
|  |     ignoreDifferences: | ||||||
|  |     - group: apps | ||||||
|  |       kind: Deployment | ||||||
|  |       jqPathExpressions: | ||||||
|  | +     - '.spec.template.metadata.annotations | with_entries(select(.key | startswith("reloader")))' | ||||||
|  | +     - '.spec.template.spec.containers[].env[] | select(.name | startswith("STAKATER_"))' | ||||||
|  | ``` | ||||||
|  |  | ||||||
| ## Parameters | ## Parameters | ||||||
|  |  | ||||||
| ### Global | ### Global | ||||||
| @@ -174,44 +266,56 @@ networkPolicies: | |||||||
| | `nameOverride`     | Individual release name suffix.           | `""`  | | | `nameOverride`     | Individual release name suffix.           | `""`  | | ||||||
| | `fullnameOverride` | Override the complete release name logic. | `""`  | | | `fullnameOverride` | Override the complete release name logic. | `""`  | | ||||||
|  |  | ||||||
|  | ### Config | ||||||
|  |  | ||||||
|  | | Name                                | Description                                                                                                                                    | Value                                                                                                                                                     | | ||||||
|  | | ----------------------------------- | ---------------------------------------------------------------------------------------------------------------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------- | | ||||||
|  | | `config.plugins.prometheus.enabled` | Download the Prometheus plugin via an additional init container. The Prometheus plugin will automatically enabled, when Prometheus is enabled. | `false`                                                                                                                                                   | | ||||||
|  | | `config.plugins.prometheus.url`     | URL to download the plugin.                                                                                                                    | `https://maven.reposilite.com/releases/com/reposilite/plugin/prometheus-plugin/{{ .Chart.AppVersion }}/prometheus-plugin-{{ .Chart.AppVersion }}-all.jar` | | ||||||
|  |  | ||||||
| ### Deployment | ### Deployment | ||||||
|  |  | ||||||
| | Name                                               | Description                                                                                                | Value                 | | | Name                                               | Description                                                                                                | Value                                       | | ||||||
| | -------------------------------------------------- | ---------------------------------------------------------------------------------------------------------- | --------------------- | | | -------------------------------------------------- | ---------------------------------------------------------------------------------------------------------- | ------------------------------------------- | | ||||||
| | `deployment.annotations`                           | Additional deployment annotations.                                                                         | `{}`                  | | | `deployment.annotations`                           | Additional deployment annotations.                                                                         | `{}`                                        | | ||||||
| | `deployment.labels`                                | Additional deployment labels.                                                                              | `{}`                  | | | `deployment.labels`                                | Additional deployment labels.                                                                              | `{}`                                        | | ||||||
| | `deployment.additionalContainers`                  | List of additional containers.                                                                             | `[]`                  | | | `deployment.additionalContainers`                  | List of additional containers.                                                                             | `[]`                                        | | ||||||
| | `deployment.affinity`                              | Affinity for the Reposilite deployment.                                                                    | `{}`                  | | | `deployment.affinity`                              | Affinity for the Reposilite deployment.                                                                    | `{}`                                        | | ||||||
| | `deployment.initContainers`                        | List of additional init containers.                                                                        | `[]`                  | | | `deployment.initContainers`                        | List of additional init containers.                                                                        | `[]`                                        | | ||||||
| | `deployment.dnsConfig`                             | dnsConfig of the Reposilite deployment.                                                                    | `{}`                  | | | `deployment.dnsConfig`                             | dnsConfig of the Reposilite deployment.                                                                    | `{}`                                        | | ||||||
| | `deployment.dnsPolicy`                             | dnsPolicy of the Reposilite deployment.                                                                    | `""`                  | | | `deployment.dnsPolicy`                             | dnsPolicy of the Reposilite deployment.                                                                    | `""`                                        | | ||||||
| | `deployment.hostname`                              | Individual hostname of the pod.                                                                            | `""`                  | | | `deployment.hostname`                              | Individual hostname of the pod.                                                                            | `""`                                        | | ||||||
| | `deployment.subdomain`                             | Individual domain of the pod.                                                                              | `""`                  | | | `deployment.subdomain`                             | Individual domain of the pod.                                                                              | `""`                                        | | ||||||
| | `deployment.hostNetwork`                           | Use the kernel network namespace of the host system.                                                       | `false`               | | | `deployment.hostNetwork`                           | Use the kernel network namespace of the host system.                                                       | `false`                                     | | ||||||
| | `deployment.imagePullSecrets`                      | Secret to use for pulling the image.                                                                       | `[]`                  | | | `deployment.imagePullSecrets`                      | Secret to use for pulling the image.                                                                       | `[]`                                        | | ||||||
| | `deployment.reposilite.args`                       | Arguments passed to the Reposilite container.                                                              | `[]`                  | | | `deployment.reposilite.args`                       | Arguments passed to the Reposilite container.                                                              | `[]`                                        | | ||||||
| | `deployment.reposilite.command`                    | Command passed to the Reposilite container.                                                                | `[]`                  | | | `deployment.reposilite.command`                    | Command passed to the Reposilite container.                                                                | `[]`                                        | | ||||||
| | `deployment.reposilite.env`                        | List of environment variables for the Reposilite container.                                                |                       | | | `deployment.reposilite.env`                        | List of environment variables for the Reposilite container.                                                |                                             | | ||||||
| | `deployment.reposilite.envFrom`                    | List of environment variables mounted from configMaps or secrets for the Reposilite container.             | `[]`                  | | | `deployment.reposilite.envFrom`                    | List of environment variables mounted from configMaps or secrets for the Reposilite container.             | `[]`                                        | | ||||||
| | `deployment.reposilite.image.registry`             | Image registry, eg. `docker.io`.                                                                           | `docker.io`           | | | `deployment.reposilite.image.registry`             | Image registry, eg. `docker.io`.                                                                           | `docker.io`                                 | | ||||||
| | `deployment.reposilite.image.repository`           | Image repository, eg. `library/busybox`.                                                                   | `dzikoysk/reposilite` | | | `deployment.reposilite.image.repository`           | Image repository, eg. `library/busybox`.                                                                   | `dzikoysk/reposilite`                       | | ||||||
| | `deployment.reposilite.image.tag`                  | Custom image tag, eg. `0.1.0`. Defaults to `appVersion`.                                                   | `""`                  | | | `deployment.reposilite.image.tag`                  | Custom image tag, eg. `0.1.0`. Defaults to `appVersion`.                                                   | `""`                                        | | ||||||
| | `deployment.reposilite.image.pullPolicy`           | Image pull policy.                                                                                         | `IfNotPresent`        | | | `deployment.reposilite.image.pullPolicy`           | Image pull policy.                                                                                         | `IfNotPresent`                              | | ||||||
| | `deployment.reposilite.resources`                  | CPU and memory resources of the pod.                                                                       | `{}`                  | | | `deployment.reposilite.resources`                  | CPU and memory resources of the pod.                                                                       | `{}`                                        | | ||||||
| | `deployment.reposilite.securityContext`            | Security context of the container of the deployment.                                                       | `{}`                  | | | `deployment.reposilite.securityContext`            | Security context of the container of the deployment.                                                       | `{}`                                        | | ||||||
| | `deployment.reposilite.volumeMounts`               | Additional volume mounts.                                                                                  | `[]`                  | | | `deployment.reposilite.volumeMounts`               | Additional volume mounts.                                                                                  | `[]`                                        | | ||||||
| | `deployment.nodeSelector`                          | NodeSelector of the Reposilite deployment.                                                                 | `{}`                  | | | `deployment.nodeSelector`                          | NodeSelector of the Reposilite deployment.                                                                 | `{}`                                        | | ||||||
| | `deployment.priorityClassName`                     | PriorityClassName of the Reposilite deployment.                                                            | `""`                  | | | `deployment.pluginContainer.args`                  | Arguments passed to the plugin container.                                                                  | `["--location","--fail","--max-time","60"]` | | ||||||
| | `deployment.replicas`                              | Number of replicas for the Reposilite deployment.                                                          | `1`                   | | | `deployment.pluginContainer.image.registry`        | Image registry, eg. `docker.io`.                                                                           | `docker.io`                                 | | ||||||
| | `deployment.restartPolicy`                         | Restart policy of the Reposilite deployment.                                                               | `""`                  | | | `deployment.pluginContainer.image.repository`      | Image repository, eg. `curlimages/curl`.                                                                   | `curlimages/curl`                           | | ||||||
| | `deployment.securityContext`                       | Security context of the Reposilite deployment.                                                             | `{}`                  | | | `deployment.pluginContainer.image.tag`             | Custom image tag, eg. `0.1.0`.                                                                             | `8.16.0`                                    | | ||||||
| | `deployment.strategy.type`                         | Strategy type - `Recreate` or `RollingUpdate`.                                                             | `RollingUpdate`       | | | `deployment.pluginContainer.image.pullPolicy`      | Image pull policy.                                                                                         | `IfNotPresent`                              | | ||||||
| | `deployment.strategy.rollingUpdate.maxSurge`       | The maximum number of pods that can be scheduled above the desired number of pods during a rolling update. | `1`                   | | | `deployment.priorityClassName`                     | PriorityClassName of the Reposilite deployment.                                                            | `""`                                        | | ||||||
| | `deployment.strategy.rollingUpdate.maxUnavailable` | The maximum number of pods that can be unavailable during a rolling update.                                | `1`                   | | | `deployment.replicas`                              | Number of replicas for the Reposilite deployment.                                                          | `1`                                         | | ||||||
| | `deployment.terminationGracePeriodSeconds`         | How long to wait until forcefully kill the pod.                                                            | `60`                  | | | `deployment.restartPolicy`                         | Restart policy of the Reposilite deployment.                                                               | `""`                                        | | ||||||
| | `deployment.tolerations`                           | Tolerations of the Reposilite deployment.                                                                  | `[]`                  | | | `deployment.securityContext`                       | Security context of the Reposilite deployment.                                                             | `{}`                                        | | ||||||
| | `deployment.topologySpreadConstraints`             | TopologySpreadConstraints of the Reposilite deployment.                                                    | `[]`                  | | | `deployment.strategy.type`                         | Strategy type - `Recreate` or `RollingUpdate`.                                                             | `RollingUpdate`                             | | ||||||
| | `deployment.volumes`                               | Additional volumes to mount into the pods of the prometheus-exporter deployment.                           | `[]`                  | | | `deployment.strategy.rollingUpdate.maxSurge`       | The maximum number of pods that can be scheduled above the desired number of pods during a rolling update. | `1`                                         | | ||||||
|  | | `deployment.strategy.rollingUpdate.maxUnavailable` | The maximum number of pods that can be unavailable during a rolling update.                                | `1`                                         | | ||||||
|  | | `deployment.terminationGracePeriodSeconds`         | How long to wait until forcefully kill the pod.                                                            | `60`                                        | | ||||||
|  | | `deployment.tolerations`                           | Tolerations of the Reposilite deployment.                                                                  | `[]`                                        | | ||||||
|  | | `deployment.topologySpreadConstraints`             | TopologySpreadConstraints of the Reposilite deployment.                                                    | `[]`                                        | | ||||||
|  | | `deployment.volumes`                               | Additional volumes to mount into the pods of the reposilite deployment.                                    | `[]`                                        | | ||||||
|  |  | ||||||
| ### Horizontal Pod Autoscaler (HPA) | ### Horizontal Pod Autoscaler (HPA) | ||||||
|  |  | ||||||
| @@ -261,6 +365,45 @@ networkPolicies: | |||||||
| | `persistentVolumeClaim.new.size`                           | Size of the persistent volume claim.                                                                                                                                                                 | `10Gi`          | | | `persistentVolumeClaim.new.size`                           | Size of the persistent volume claim.                                                                                                                                                                 | `10Gi`          | | ||||||
| | `persistentVolumeClaim.new.storageClass`                   | Custom storage class. Left it empty to use the clusters default storage class.                                                                                                                       | `""`            | | | `persistentVolumeClaim.new.storageClass`                   | Custom storage class. Left it empty to use the clusters default storage class.                                                                                                                       | `""`            | | ||||||
|  |  | ||||||
|  | ### Prometheus | ||||||
|  |  | ||||||
|  | | Name                                                      | Description                                                                                                                                  | Value      | | ||||||
|  | | --------------------------------------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------- | ---------- | | ||||||
|  | | `prometheus.metrics.enabled`                              | Enable of scraping metrics by Prometheus.                                                                                                    | `false`    | | ||||||
|  | | `prometheus.metrics.secret.existing.enabled`              | Use an existing secret containing the basic auth credentials.                                                                                | `false`    | | ||||||
|  | | `prometheus.metrics.secret.existing.secretName`           | Name of the secret containing the basic auth credentials.                                                                                    | `""`       | | ||||||
|  | | `prometheus.metrics.secret.existing.basicAuthUsernameKey` | Name of the key in the secret that contains the username for basic auth.                                                                     | `""`       | | ||||||
|  | | `prometheus.metrics.secret.existing.basicAuthPasswordKey` | Name of the key in the secret that contains the password for basic auth.                                                                     | `""`       | | ||||||
|  | | `prometheus.metrics.secret.new.annotations`               | Additional secret annotations.                                                                                                               | `{}`       | | ||||||
|  | | `prometheus.metrics.secret.new.labels`                    | Additional secret labels.                                                                                                                    | `{}`       | | ||||||
|  | | `prometheus.metrics.secret.new.basicAuthUsername`         | Username for basic auth. The username and password is required by reposilite to expose metrics. Default: random alpha numeric string.        | `""`       | | ||||||
|  | | `prometheus.metrics.secret.new.basicAuthPassword`         | Password for basic auth. The username and password is required by reposilite to expose metrics. Default random alpha numeric string.         | `""`       | | ||||||
|  | | `prometheus.metrics.podMonitor.enabled`                   | Enable creation of a podMonitor. Excludes the existence of a serviceMonitor resource.                                                        | `false`    | | ||||||
|  | | `prometheus.metrics.podMonitor.annotations`               | Additional podMonitor annotations.                                                                                                           | `{}`       | | ||||||
|  | | `prometheus.metrics.podMonitor.enableHttp2`               | Enable HTTP2.                                                                                                                                | `false`    | | ||||||
|  | | `prometheus.metrics.podMonitor.followRedirects`           | FollowRedirects configures whether scrape requests follow HTTP 3xx redirects.                                                                | `false`    | | ||||||
|  | | `prometheus.metrics.podMonitor.honorLabels`               | Honor labels.                                                                                                                                | `false`    | | ||||||
|  | | `prometheus.metrics.podMonitor.labels`                    | Additional podMonitor labels.                                                                                                                | `{}`       | | ||||||
|  | | `prometheus.metrics.podMonitor.interval`                  | Interval at which metrics should be scraped. If not specified Prometheus' global scrape interval is used.                                    | `60s`      | | ||||||
|  | | `prometheus.metrics.podMonitor.path`                      | HTTP path of the Reposilite pod for scraping Prometheus metrics.                                                                             | `/metrics` | | ||||||
|  | | `prometheus.metrics.podMonitor.port`                      | HTTP port of the Reposilite pod for scraping Prometheus metrics.                                                                             | `http`     | | ||||||
|  | | `prometheus.metrics.podMonitor.relabelings`               | RelabelConfigs to apply to samples before scraping. Prometheus Operator automatically adds relabelings for a few standard Kubernetes fields. | `[]`       | | ||||||
|  | | `prometheus.metrics.podMonitor.scrapeTimeout`             | Timeout after which the scrape is ended. If not specified, global Prometheus scrape timeout is used.                                         | `30s`      | | ||||||
|  | | `prometheus.metrics.podMonitor.scheme`                    | HTTP scheme to use for scraping. For example `http` or `https`.                                                                              | `http`     | | ||||||
|  | | `prometheus.metrics.podMonitor.tlsConfig`                 | TLS configuration to use when scraping the metric endpoint by Prometheus.                                                                    | `{}`       | | ||||||
|  | | `prometheus.metrics.serviceMonitor.enabled`               | Enable creation of a serviceMonitor. Excludes the existence of a podMonitor resource.                                                        | `false`    | | ||||||
|  | | `prometheus.metrics.serviceMonitor.annotations`           | Additional serviceMonitor annotations.                                                                                                       | `{}`       | | ||||||
|  | | `prometheus.metrics.serviceMonitor.labels`                | Additional serviceMonitor labels.                                                                                                            | `{}`       | | ||||||
|  | | `prometheus.metrics.serviceMonitor.enableHttp2`           | Enable HTTP2.                                                                                                                                | `false`    | | ||||||
|  | | `prometheus.metrics.serviceMonitor.followRedirects`       | FollowRedirects configures whether scrape requests follow HTTP 3xx redirects.                                                                | `false`    | | ||||||
|  | | `prometheus.metrics.serviceMonitor.honorLabels`           | Honor labels.                                                                                                                                | `false`    | | ||||||
|  | | `prometheus.metrics.serviceMonitor.interval`              | Interval at which metrics should be scraped. If not specified Prometheus' global scrape interval is used.                                    | `60s`      | | ||||||
|  | | `prometheus.metrics.serviceMonitor.path`                  | HTTP path for scraping Prometheus metrics.                                                                                                   | `/metrics` | | ||||||
|  | | `prometheus.metrics.serviceMonitor.relabelings`           | RelabelConfigs to apply to samples before scraping. Prometheus Operator automatically adds relabelings for a few standard Kubernetes fields. | `[]`       | | ||||||
|  | | `prometheus.metrics.serviceMonitor.scrapeTimeout`         | Timeout after which the scrape is ended. If not specified, global Prometheus scrape timeout is used.                                         | `30s`      | | ||||||
|  | | `prometheus.metrics.serviceMonitor.scheme`                | HTTP scheme to use for scraping. For example `http` or `https`.                                                                              | `http`     | | ||||||
|  | | `prometheus.metrics.serviceMonitor.tlsConfig`             | TLS configuration to use when scraping the metric endpoint by Prometheus.                                                                    | `{}`       | | ||||||
|  |  | ||||||
| ### Service | ### Service | ||||||
|  |  | ||||||
| | Name                               | Description                                                                                                                                                                                                | Value       | | | Name                               | Description                                                                                                                                                                                                | Value       | | ||||||
| @@ -276,6 +419,7 @@ networkPolicies: | |||||||
| | `service.loadBalancerIP`           | LoadBalancer will get created with the IP specified in this field. Requires service from type `LoadBalancer`.                                                                                              | `""`        | | | `service.loadBalancerIP`           | LoadBalancer will get created with the IP specified in this field. Requires service from type `LoadBalancer`.                                                                                              | `""`        | | ||||||
| | `service.loadBalancerSourceRanges` | Source range filter for LoadBalancer. Requires service from type `LoadBalancer`.                                                                                                                           | `[]`        | | | `service.loadBalancerSourceRanges` | Source range filter for LoadBalancer. Requires service from type `LoadBalancer`.                                                                                                                           | `[]`        | | ||||||
| | `service.port`                     | Port to forward the traffic to.                                                                                                                                                                            | `8080`      | | | `service.port`                     | Port to forward the traffic to.                                                                                                                                                                            | `8080`      | | ||||||
|  | | `service.scheme`                   | Name of the service port. This name is also used as scheme / port name of the service monitor resource.                                                                                                    | `http`      | | ||||||
| | `service.sessionAffinity`          | Supports `ClientIP` and `None`. Enable client IP based session affinity via `ClientIP`.                                                                                                                    | `None`      | | | `service.sessionAffinity`          | Supports `ClientIP` and `None`. Enable client IP based session affinity via `ClientIP`.                                                                                                                    | `None`      | | ||||||
| | `service.sessionAffinityConfig`    | Contains the configuration of the session affinity.                                                                                                                                                        | `{}`        | | | `service.sessionAffinityConfig`    | Contains the configuration of the session affinity.                                                                                                                                                        | `{}`        | | ||||||
| | `service.type`                     | Kubernetes service type for the traffic.                                                                                                                                                                   | `ClusterIP` | | | `service.type`                     | Kubernetes service type for the traffic.                                                                                                                                                                   | `ClusterIP` | | ||||||
|   | |||||||
							
								
								
									
										26
									
								
								package-lock.json
									
									
									
										generated
									
									
									
								
							
							
						
						
									
										26
									
								
								package-lock.json
									
									
									
										generated
									
									
									
								
							| @@ -1078,9 +1078,9 @@ | |||||||
|       } |       } | ||||||
|     }, |     }, | ||||||
|     "node_modules/link-check": { |     "node_modules/link-check": { | ||||||
|       "version": "5.4.0", |       "version": "5.5.0", | ||||||
|       "resolved": "https://registry.npmjs.org/link-check/-/link-check-5.4.0.tgz", |       "resolved": "https://registry.npmjs.org/link-check/-/link-check-5.5.0.tgz", | ||||||
|       "integrity": "sha512-0Pf4xBVUnwJdbDgpBlhHNmWDtbVjHTpIFs+JaBuIsC9PKRxjv4KMGCO2Gc8lkVnqMf9B/yaNY+9zmMlO5MyToQ==", |       "integrity": "sha512-CpMk2zMfyEMdDvFG92wO5pU/2I/wbw72/9pvUFhU9cDKkwhmVlPuvxQJzd/jXA2iVOgNgPLnS5zyOLW7OzNpdA==", | ||||||
|       "dev": true, |       "dev": true, | ||||||
|       "license": "ISC", |       "license": "ISC", | ||||||
|       "dependencies": { |       "dependencies": { | ||||||
| @@ -1137,16 +1137,16 @@ | |||||||
|       } |       } | ||||||
|     }, |     }, | ||||||
|     "node_modules/markdown-link-check": { |     "node_modules/markdown-link-check": { | ||||||
|       "version": "3.13.7", |       "version": "3.14.1", | ||||||
|       "resolved": "https://registry.npmjs.org/markdown-link-check/-/markdown-link-check-3.13.7.tgz", |       "resolved": "https://registry.npmjs.org/markdown-link-check/-/markdown-link-check-3.14.1.tgz", | ||||||
|       "integrity": "sha512-Btn3HU8s2Uyh1ZfzmyZEkp64zp2+RAjwfQt1u4swq2Xa6w37OW0T2inQZrkSNVxDSa2jSN2YYhw/JkAp5jF1PQ==", |       "integrity": "sha512-h1tihNL3kmOS3N7H4FyF4xKDxiHnNBNSgs/LWlDiRHlC8O0vfRX0LhDDvesRSs4HM7nS0F658glLxonaXBmuWw==", | ||||||
|       "dev": true, |       "dev": true, | ||||||
|       "license": "ISC", |       "license": "ISC", | ||||||
|       "dependencies": { |       "dependencies": { | ||||||
|         "async": "^3.2.6", |         "async": "^3.2.6", | ||||||
|         "chalk": "^5.3.0", |         "chalk": "^5.3.0", | ||||||
|         "commander": "^13.1.0", |         "commander": "^14.0.0", | ||||||
|         "link-check": "^5.4.0", |         "link-check": "^5.5.0", | ||||||
|         "markdown-link-extractor": "^4.0.2", |         "markdown-link-extractor": "^4.0.2", | ||||||
|         "needle": "^3.3.1", |         "needle": "^3.3.1", | ||||||
|         "progress": "^2.0.3", |         "progress": "^2.0.3", | ||||||
| @@ -1157,6 +1157,16 @@ | |||||||
|         "markdown-link-check": "markdown-link-check" |         "markdown-link-check": "markdown-link-check" | ||||||
|       } |       } | ||||||
|     }, |     }, | ||||||
|  |     "node_modules/markdown-link-check/node_modules/commander": { | ||||||
|  |       "version": "14.0.1", | ||||||
|  |       "resolved": "https://registry.npmjs.org/commander/-/commander-14.0.1.tgz", | ||||||
|  |       "integrity": "sha512-2JkV3gUZUVrbNA+1sjBOYLsMZ5cEEl8GTFP2a4AVz5hvasAMCQ1D2l2le/cX+pV4N6ZU17zjUahLpIXRrnWL8A==", | ||||||
|  |       "dev": true, | ||||||
|  |       "license": "MIT", | ||||||
|  |       "engines": { | ||||||
|  |         "node": ">=20" | ||||||
|  |       } | ||||||
|  |     }, | ||||||
|     "node_modules/markdown-link-extractor": { |     "node_modules/markdown-link-extractor": { | ||||||
|       "version": "4.0.2", |       "version": "4.0.2", | ||||||
|       "resolved": "https://registry.npmjs.org/markdown-link-extractor/-/markdown-link-extractor-4.0.2.tgz", |       "resolved": "https://registry.npmjs.org/markdown-link-extractor/-/markdown-link-extractor-4.0.2.tgz", | ||||||
|   | |||||||
| @@ -9,6 +9,7 @@ | |||||||
|   ], |   ], | ||||||
|   "customManagers": [ |   "customManagers": [ | ||||||
|     { |     { | ||||||
|  |       "customType": "regex", | ||||||
|       "fileMatch": [ |       "fileMatch": [ | ||||||
|         "^Chart\\.yaml$" |         "^Chart\\.yaml$" | ||||||
|       ], |       ], | ||||||
| @@ -21,7 +22,10 @@ | |||||||
|       "versioningTemplate": "semver" |       "versioningTemplate": "semver" | ||||||
|     }, |     }, | ||||||
|     { |     { | ||||||
|       "fileMatch": ["^README\\.md$"], |       "customType": "regex", | ||||||
|  |       "fileMatch": [ | ||||||
|  |         "^README\\.md$" | ||||||
|  |       ], | ||||||
|       "matchStrings": [ |       "matchStrings": [ | ||||||
|         "CHART_VERSION=(?<currentValue>.*)" |         "CHART_VERSION=(?<currentValue>.*)" | ||||||
|       ], |       ], | ||||||
| @@ -29,9 +33,47 @@ | |||||||
|       "packageNameTemplate": "https://git.cryptic.systems/volker.raschek/reposilite-charts", |       "packageNameTemplate": "https://git.cryptic.systems/volker.raschek/reposilite-charts", | ||||||
|       "datasourceTemplate": "git-tags", |       "datasourceTemplate": "git-tags", | ||||||
|       "versioningTemplate": "semver" |       "versioningTemplate": "semver" | ||||||
|  |     }, | ||||||
|  |     { | ||||||
|  |       "customType": "regex", | ||||||
|  |       "datasourceTemplate": "github-releases", | ||||||
|  |       "fileMatch": [ | ||||||
|  |         ".vscode/settings\\.json$" | ||||||
|  |       ], | ||||||
|  |       "matchStrings": [ | ||||||
|  |         "https:\\/\\/raw\\.githubusercontent\\.com\\/(?<depName>[^\\s]+?)\\/(?<currentValue>v[0-9.]+?)\\/schema\\/helm-testsuite\\.json" | ||||||
|  |       ] | ||||||
|     } |     } | ||||||
|   ], |   ], | ||||||
|   "packageRules": [ |   "packageRules": [ | ||||||
|  |     { | ||||||
|  |       "groupName": "Update docker.io/volkerraschek/helm", | ||||||
|  |       "matchDepNames": [ | ||||||
|  |         "docker.io/volkerraschek/helm", | ||||||
|  |         "volkerraschek/helm" | ||||||
|  |       ] | ||||||
|  |     }, | ||||||
|  |     { | ||||||
|  |       "automerge": true, | ||||||
|  |       "groupName": "Update helm plugin 'unittest'", | ||||||
|  |       "matchDepNames": [ | ||||||
|  |         "helm-unittest/helm-unittest" | ||||||
|  |       ], | ||||||
|  |       "matchDatasources": [ | ||||||
|  |         "github-releases" | ||||||
|  |       ], | ||||||
|  |       "matchUpdateTypes": [ | ||||||
|  |         "minor", | ||||||
|  |         "patch" | ||||||
|  |       ] | ||||||
|  |     }, | ||||||
|  |     { | ||||||
|  |       "groupName": "Update docker.io/library/node", | ||||||
|  |       "matchDepNames": [ | ||||||
|  |         "docker.io/library/node", | ||||||
|  |         "library/node" | ||||||
|  |       ] | ||||||
|  |     }, | ||||||
|     { |     { | ||||||
|       "addLabels": [ |       "addLabels": [ | ||||||
|         "renovate/automerge", |         "renovate/automerge", | ||||||
| @@ -64,5 +106,16 @@ | |||||||
|         "patch" |         "patch" | ||||||
|       ] |       ] | ||||||
|     } |     } | ||||||
|   ] |   ], | ||||||
|  |   "postUpgradeTasks": { | ||||||
|  |     "commands": [ | ||||||
|  |       "install-tool node", | ||||||
|  |       "make readme" | ||||||
|  |     ], | ||||||
|  |     "fileFilters": [ | ||||||
|  |       "README.md", | ||||||
|  |       "values.yaml" | ||||||
|  |     ], | ||||||
|  |     "executionMode": "update" | ||||||
|  |   } | ||||||
| } | } | ||||||
| @@ -17,11 +17,32 @@ | |||||||
| {{- if .Values.persistentVolumeClaim.enabled }} | {{- if .Values.persistentVolumeClaim.enabled }} | ||||||
| {{- $env = concat $env (list (dict "name" "REPOSILITE_DATA" "value" .Values.persistentVolumeClaim.path )) }} | {{- $env = concat $env (list (dict "name" "REPOSILITE_DATA" "value" .Values.persistentVolumeClaim.path )) }} | ||||||
| {{- end }} | {{- end }} | ||||||
|  |  | ||||||
|  | {{- if eq (include "reposilite.podMonitor.enabled" $) "true" }} | ||||||
|  | {{- $env = concat $env (list (dict "name" "REPOSILITE_PROMETHEUS_PATH" "value" .Values.prometheus.metrics.podMonitor.path )) }} | ||||||
|  | {{- end }} | ||||||
|  |  | ||||||
|  | {{- if eq (include "reposilite.serviceMonitor.enabled" $) "true" }} | ||||||
|  | {{- $env = concat $env (list (dict "name" "REPOSILITE_PROMETHEUS_PATH" "value" .Values.prometheus.metrics.serviceMonitor.path )) }} | ||||||
|  | {{- end }} | ||||||
|  |  | ||||||
|  | {{- if or (eq (include "reposilite.podMonitor.enabled" $ ) "true") (eq (include "reposilite.serviceMonitor.enabled" $ ) "true") -}} | ||||||
|  | {{- $env = concat $env (list (dict "name" "REPOSILITE_PROMETHEUS_USER" "valueFrom" (dict "secretKeyRef" (dict "name" (include "reposilite.secrets.prometheusBasicAuth.name" $) "key" (include "reposilite.secrets.prometheusBasicAuth.usernameKey" $))))) }} | ||||||
|  | {{- $env = concat $env (list (dict "name" "REPOSILITE_PROMETHEUS_PASSWORD" "valueFrom" (dict "secretKeyRef" (dict "name" (include "reposilite.secrets.prometheusBasicAuth.name" $) "key" (include "reposilite.secrets.prometheusBasicAuth.passwordKey" $))))) }} | ||||||
|  | {{- end }} | ||||||
|  |  | ||||||
| {{ toYaml (dict "env" $env) }} | {{ toYaml (dict "env" $env) }} | ||||||
| {{- end -}} | {{- end -}} | ||||||
|  |  | ||||||
| {{/* image */}} | {{/* image */}} | ||||||
|  |  | ||||||
|  | {{- define "reposilite.deployment.images.plugin.fqin" -}} | ||||||
|  | {{- $registry := .Values.deployment.pluginContainer.image.registry -}} | ||||||
|  | {{- $repository := .Values.deployment.pluginContainer.image.repository -}} | ||||||
|  | {{- $tag := default .Chart.AppVersion .Values.deployment.pluginContainer.image.tag -}} | ||||||
|  | {{- printf "%s/%s:%s" $registry $repository $tag -}} | ||||||
|  | {{- end -}} | ||||||
|  |  | ||||||
| {{- define "reposilite.deployment.images.reposilite.fqin" -}} | {{- define "reposilite.deployment.images.reposilite.fqin" -}} | ||||||
| {{- $registry := .Values.deployment.reposilite.image.registry -}} | {{- $registry := .Values.deployment.reposilite.image.registry -}} | ||||||
| {{- $repository := .Values.deployment.reposilite.image.repository -}} | {{- $repository := .Values.deployment.reposilite.image.repository -}} | ||||||
| @@ -38,6 +59,34 @@ | |||||||
| {{- end }} | {{- end }} | ||||||
| {{- end }} | {{- end }} | ||||||
|  |  | ||||||
|  | {{/* initContainers */}} | ||||||
|  |  | ||||||
|  | {{- define "reposilite.deployment.initContainers" -}} | ||||||
|  | {{- $initContainers := .Values.deployment.initContainers | default list -}} | ||||||
|  | {{- $pluginContainerImage := (include "reposilite.deployment.images.plugin.fqin" . ) }} | ||||||
|  | {{- $pluginContainerArgs := .Values.deployment.pluginContainer.args | default list }} | ||||||
|  | {{- $pluginContainerArgs := concat $pluginContainerArgs (list "--output-dir" "/app/data/plugins" ) }} | ||||||
|  | {{- $pluginContainerVolumeMounts := list (dict "name" "plugins" "mountPath" "/app/data/plugins") }} | ||||||
|  |  | ||||||
|  | {{- if eq (include "reposilite.plugins.prometheus.enabled" $) "true" }} | ||||||
|  | {{- $fileName := splitList "/" (tpl .Values.config.plugins.prometheus.url $) | last }} | ||||||
|  | {{- $individualArgs := concat $pluginContainerArgs (list "--output" $fileName (tpl .Values.config.plugins.prometheus.url $)) }} | ||||||
|  | {{- $initContainers = concat $initContainers (list (dict "args" $individualArgs "name" "download-prometheus-plugin" "image" $pluginContainerImage "volumeMounts" $pluginContainerVolumeMounts)) }} | ||||||
|  | {{- end }} | ||||||
|  |  | ||||||
|  | {{ toYaml (dict "initContainers" $initContainers) }} | ||||||
|  |  | ||||||
|  | {{- end }} | ||||||
|  |  | ||||||
|  | {{/* plugins */}} | ||||||
|  | {{- define "reposilite.plugins.prometheus.enabled" -}} | ||||||
|  | {{- if or .Values.config.plugins.prometheus.enabled .Values.prometheus.metrics.enabled -}} | ||||||
|  | true | ||||||
|  | {{- else -}} | ||||||
|  | false | ||||||
|  | {{- end -}} | ||||||
|  | {{- end }} | ||||||
|  |  | ||||||
| {{/* serviceAccount */}} | {{/* serviceAccount */}} | ||||||
|  |  | ||||||
| {{- define "reposilite.deployment.serviceAccount" -}} | {{- define "reposilite.deployment.serviceAccount" -}} | ||||||
| @@ -55,6 +104,11 @@ | |||||||
| {{- if .Values.persistentVolumeClaim.enabled }} | {{- if .Values.persistentVolumeClaim.enabled }} | ||||||
| {{- $volumeMounts = concat $volumeMounts (list (dict "name" "data" "mountPath" .Values.persistentVolumeClaim.path )) }} | {{- $volumeMounts = concat $volumeMounts (list (dict "name" "data" "mountPath" .Values.persistentVolumeClaim.path )) }} | ||||||
| {{- end }} | {{- end }} | ||||||
|  |  | ||||||
|  | {{- if eq (include "reposilite.plugins.prometheus.enabled" $) "true" }} | ||||||
|  | {{- $volumeMounts = concat $volumeMounts (list (dict "name" "plugins" "mountPath" "/app/data/plugins")) }} | ||||||
|  | {{- end }} | ||||||
|  |  | ||||||
| {{ toYaml (dict "volumeMounts" $volumeMounts) }} | {{ toYaml (dict "volumeMounts" $volumeMounts) }} | ||||||
| {{- end -}} | {{- end -}} | ||||||
|  |  | ||||||
| @@ -71,6 +125,10 @@ | |||||||
| {{- $volumes = concat $volumes (list (dict "name" "data" "persistentVolumeClaim" (dict "claimName" $persistentVolumeClaimName))) }} | {{- $volumes = concat $volumes (list (dict "name" "data" "persistentVolumeClaim" (dict "claimName" $persistentVolumeClaimName))) }} | ||||||
| {{- end }} | {{- end }} | ||||||
|  |  | ||||||
|  | {{- if eq (include "reposilite.plugins.prometheus.enabled" $) "true" }} | ||||||
|  | {{- $volumes = concat $volumes (list (dict "name" "plugins" "emptyDir" dict)) }} | ||||||
|  | {{- end }} | ||||||
|  |  | ||||||
| {{ toYaml (dict "volumes" $volumes) }} | {{ toYaml (dict "volumes" $volumes) }} | ||||||
|  |  | ||||||
| {{- end -}} | {{- end -}} | ||||||
| @@ -4,6 +4,9 @@ | |||||||
|  |  | ||||||
| {{- define "reposilite.pod.annotations" -}} | {{- define "reposilite.pod.annotations" -}} | ||||||
| {{ include "reposilite.annotations" . }} | {{ include "reposilite.annotations" . }} | ||||||
|  | {{- if and .Values.prometheus.metrics.enabled (not .Values.prometheus.metrics.secret.existing.enabled) -}} | ||||||
|  | {{- printf "checksum/secret-%s: %s" (include "reposilite.secrets.prometheusBasicAuth.name" $) (include (print $.Template.BasePath "/secretPrometheusBasicAuth.yaml") . | sha256sum) }} | ||||||
|  | {{- end -}} | ||||||
| {{- end }} | {{- end }} | ||||||
|  |  | ||||||
| {{/* labels */}} | {{/* labels */}} | ||||||
|   | |||||||
							
								
								
									
										27
									
								
								templates/_podMonitors.tpl
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										27
									
								
								templates/_podMonitors.tpl
									
									
									
									
									
										Normal file
									
								
							| @@ -0,0 +1,27 @@ | |||||||
|  | {{/* vim: set filetype=mustache: */}} | ||||||
|  |  | ||||||
|  | {{/* annotations */}} | ||||||
|  | {{- define "reposilite.podMonitor.annotations" -}} | ||||||
|  | {{ include "reposilite.annotations" . }} | ||||||
|  | {{- if .Values.prometheus.metrics.podMonitor.annotations }} | ||||||
|  | {{ toYaml .Values.prometheus.metrics.podMonitor.annotations }} | ||||||
|  | {{- end }} | ||||||
|  | {{- end }} | ||||||
|  |  | ||||||
|  | {{/* enabled */}} | ||||||
|  | {{- define "reposilite.podMonitor.enabled" -}} | ||||||
|  | {{- if and .Values.prometheus.metrics.enabled .Values.prometheus.metrics.podMonitor.enabled (not .Values.prometheus.metrics.serviceMonitor.enabled) -}} | ||||||
|  | true | ||||||
|  | {{- else -}} | ||||||
|  | false | ||||||
|  | {{- end -}} | ||||||
|  | {{- end }} | ||||||
|  |  | ||||||
|  | {{/* labels */}} | ||||||
|  |  | ||||||
|  | {{- define "reposilite.podMonitor.labels" -}} | ||||||
|  | {{ include "reposilite.labels" . }} | ||||||
|  | {{- if .Values.prometheus.metrics.podMonitor.labels }} | ||||||
|  | {{ toYaml .Values.prometheus.metrics.podMonitor.labels }} | ||||||
|  | {{- end }} | ||||||
|  | {{- end }} | ||||||
							
								
								
									
										53
									
								
								templates/_secrets.tpl
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										53
									
								
								templates/_secrets.tpl
									
									
									
									
									
										Normal file
									
								
							| @@ -0,0 +1,53 @@ | |||||||
|  | {{/* vim: set filetype=mustache: */}} | ||||||
|  |  | ||||||
|  | {{/* annotations */}} | ||||||
|  |  | ||||||
|  | {{- define "reposilite.secrets.prometheusBasicAuth.annotations" -}} | ||||||
|  | {{ include "reposilite.annotations" . }} | ||||||
|  | {{- if .Values.prometheus.metrics.secret.new.annotations }} | ||||||
|  | {{ toYaml .Values.prometheus.metrics.secret.new.annotations }} | ||||||
|  | {{- end }} | ||||||
|  | {{- end }} | ||||||
|  |  | ||||||
|  | {{/* labels */}} | ||||||
|  |  | ||||||
|  | {{- define "reposilite.secrets.prometheusBasicAuth.labels" -}} | ||||||
|  | {{ include "reposilite.labels" . }} | ||||||
|  | {{- if .Values.prometheus.metrics.secret.new.labels }} | ||||||
|  | {{ toYaml .Values.prometheus.metrics.secret.new.labels }} | ||||||
|  | {{- end }} | ||||||
|  | {{- end }} | ||||||
|  |  | ||||||
|  | {{/* names */}} | ||||||
|  |  | ||||||
|  | {{- define "reposilite.secrets.prometheusBasicAuth.name" -}} | ||||||
|  | {{- if and .Values.prometheus.metrics.secret.existing.enabled (gt (len .Values.prometheus.metrics.secret.existing.secretName) 0) }} | ||||||
|  | {{- print .Values.prometheus.metrics.secret.existing.secretName -}} | ||||||
|  | {{- else if and .Values.prometheus.metrics.secret.existing.enabled (eq (len .Values.prometheus.metrics.secret.existing.secretName) 0) }} | ||||||
|  | {{ fail "Name of the existing secret that contains the credentials for basic auth is not defined!" }} | ||||||
|  | {{- else if not .Values.prometheus.metrics.secret.existing.enabled }} | ||||||
|  | {{- printf "%s-basic-auth-credentials" (include "reposilite.fullname" $) -}} | ||||||
|  | {{- end }} | ||||||
|  | {{- end }} | ||||||
|  |  | ||||||
|  | {{/* secretKeyNames */}} | ||||||
|  |  | ||||||
|  | {{- define "reposilite.secrets.prometheusBasicAuth.passwordKey" -}} | ||||||
|  | {{- if and .Values.prometheus.metrics.secret.existing.enabled (gt (len .Values.prometheus.metrics.secret.existing.basicAuthPasswordKey) 0) -}} | ||||||
|  | {{- .Values.prometheus.metrics.secret.existing.basicAuthPasswordKey -}} | ||||||
|  | {{- else if and .Values.prometheus.metrics.secret.existing.enabled (eq (len .Values.prometheus.metrics.secret.existing.basicAuthPasswordKey) 0) }} | ||||||
|  | {{ fail "Name of the key in the secret that contains the password for basic auth is not defined!" }} | ||||||
|  | {{- else if and (not .Values.prometheus.metrics.secret.existing.enabled) }} | ||||||
|  | {{- print "password" -}} | ||||||
|  | {{- end }} | ||||||
|  | {{- end }} | ||||||
|  |  | ||||||
|  | {{- define "reposilite.secrets.prometheusBasicAuth.usernameKey" -}} | ||||||
|  | {{- if and .Values.prometheus.metrics.secret.existing.enabled (gt (len .Values.prometheus.metrics.secret.existing.basicAuthUsernameKey) 0) -}} | ||||||
|  | {{- .Values.prometheus.metrics.secret.existing.basicAuthUsernameKey -}} | ||||||
|  | {{- else if and .Values.prometheus.metrics.secret.existing.enabled (eq (len .Values.prometheus.metrics.secret.existing.basicAuthUsernameKey) 0) }} | ||||||
|  | {{ fail "Name of the key in the secret that contains the username for basic auth is not defined!" }} | ||||||
|  | {{- else if and (not .Values.prometheus.metrics.secret.existing.enabled) }} | ||||||
|  | {{- print "username" -}} | ||||||
|  | {{- end }} | ||||||
|  | {{- end }} | ||||||
							
								
								
									
										35
									
								
								templates/_serviceMonitors.tpl
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										35
									
								
								templates/_serviceMonitors.tpl
									
									
									
									
									
										Normal file
									
								
							| @@ -0,0 +1,35 @@ | |||||||
|  | {{/* vim: set filetype=mustache: */}} | ||||||
|  |  | ||||||
|  | {{/* annotations */}} | ||||||
|  |  | ||||||
|  | {{- define "reposilite.serviceMonitor.annotations" -}} | ||||||
|  | {{ include "reposilite.annotations" . }} | ||||||
|  | {{- if .Values.prometheus.metrics.serviceMonitor.annotations }} | ||||||
|  | {{ toYaml .Values.prometheus.metrics.serviceMonitor.annotations }} | ||||||
|  | {{- end }} | ||||||
|  | {{- end }} | ||||||
|  |  | ||||||
|  | {{/* enabled */}} | ||||||
|  |  | ||||||
|  | {{- define "reposilite.serviceMonitor.enabled" -}} | ||||||
|  | {{- if and .Values.prometheus.metrics.enabled (not .Values.prometheus.metrics.podMonitor.enabled) .Values.prometheus.metrics.serviceMonitor.enabled .Values.service.enabled -}} | ||||||
|  | true | ||||||
|  | {{- else -}} | ||||||
|  | false | ||||||
|  | {{- end -}} | ||||||
|  | {{- end }} | ||||||
|  |  | ||||||
|  | {{/* labels */}} | ||||||
|  |  | ||||||
|  | {{- define "reposilite.serviceMonitor.labels" -}} | ||||||
|  | {{ include "reposilite.labels" . }} | ||||||
|  | {{- if .Values.prometheus.metrics.serviceMonitor.labels }} | ||||||
|  | {{ toYaml .Values.prometheus.metrics.serviceMonitor.labels }} | ||||||
|  | {{- end }} | ||||||
|  | {{- end }} | ||||||
|  |  | ||||||
|  | {{- define "reposilite.serviceMonitor.selectorLabels" -}} | ||||||
|  | {{ include "reposilite.selectorLabels" . }} | ||||||
|  | {{/* Add label to select the correct service via `selector.matchLabels` of the serviceMonitor resource. */}} | ||||||
|  | app.kubernetes.io/service-name: {{ required "The scheme of the serviceMonitor is not defined!" .Values.service.scheme }} | ||||||
|  | {{- end }} | ||||||
| @@ -16,6 +16,8 @@ | |||||||
| {{- if .Values.service.labels }} | {{- if .Values.service.labels }} | ||||||
| {{ toYaml .Values.service.labels }} | {{ toYaml .Values.service.labels }} | ||||||
| {{- end }} | {{- end }} | ||||||
|  | {{/* Add label to select the correct service via `selector.matchLabels` of the serviceMonitor resource. */}} | ||||||
|  | app.kubernetes.io/service-name: {{ required "The scheme of the serviceMonitor is not defined!" .Values.service.scheme }} | ||||||
| {{- end }} | {{- end }} | ||||||
|  |  | ||||||
| {{/* names */}} | {{/* names */}} | ||||||
|   | |||||||
| @@ -68,7 +68,10 @@ spec: | |||||||
|         name: reposilite |         name: reposilite | ||||||
|         ports: |         ports: | ||||||
|         - name: http |         - name: http | ||||||
|           containerPort: {{ .Values.service.port }} |           containerPort: 8080 | ||||||
|  |           protocol: TCP | ||||||
|  |         - name: https | ||||||
|  |           containerPort: 8443 | ||||||
|           protocol: TCP |           protocol: TCP | ||||||
|         readinessProbe: |         readinessProbe: | ||||||
|           tcpSocket: |           tcpSocket: | ||||||
| @@ -106,6 +109,11 @@ spec: | |||||||
|       imagePullSecrets: |       imagePullSecrets: | ||||||
|         {{- toYaml . | nindent 8 }} |         {{- toYaml . | nindent 8 }} | ||||||
|       {{- end }} |       {{- end }} | ||||||
|  |       {{- $initContainers := (include "reposilite.deployment.initContainers" . | fromYaml) }} | ||||||
|  |       {{- if and (hasKey $initContainers "initContainers") (gt (len $initContainers.initContainers) 0) }} | ||||||
|  |       initContainers: | ||||||
|  |       {{- toYaml $initContainers.initContainers | nindent 6 }} | ||||||
|  |       {{- end }} | ||||||
|       {{- with .Values.deployment.nodeSelector }} |       {{- with .Values.deployment.nodeSelector }} | ||||||
|       nodeSelector: |       nodeSelector: | ||||||
|         {{- toYaml . | nindent 8 }} |         {{- toYaml . | nindent 8 }} | ||||||
|   | |||||||
							
								
								
									
										47
									
								
								templates/podMonitor.yaml
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										47
									
								
								templates/podMonitor.yaml
									
									
									
									
									
										Normal file
									
								
							| @@ -0,0 +1,47 @@ | |||||||
|  | {{- if eq (include "reposilite.podMonitor.enabled" $) "true" }} | ||||||
|  | --- | ||||||
|  | apiVersion: monitoring.coreos.com/v1 | ||||||
|  | kind: PodMonitor | ||||||
|  | metadata: | ||||||
|  |   {{- with (include "reposilite.podMonitor.annotations" . | fromYaml) }} | ||||||
|  |   annotations: | ||||||
|  |     {{- toYaml . | nindent 4 }} | ||||||
|  |   {{- end }} | ||||||
|  |   {{- with (include "reposilite.podMonitor.labels" . | fromYaml) }} | ||||||
|  |   labels: | ||||||
|  |     {{- toYaml . | nindent 4 }} | ||||||
|  |   {{- end }} | ||||||
|  |   name: {{ include "reposilite.fullname" . }} | ||||||
|  |   namespace: {{ .Release.Namespace }} | ||||||
|  | spec: | ||||||
|  |   podMetricsEndpoints: | ||||||
|  |   - basicAuth: | ||||||
|  |       password: | ||||||
|  |         key: {{ include "reposilite.secrets.prometheusBasicAuth.passwordKey" . }} | ||||||
|  |         name: {{ include "reposilite.secrets.prometheusBasicAuth.name" . }} | ||||||
|  |       username: | ||||||
|  |         key: {{ include "reposilite.secrets.prometheusBasicAuth.usernameKey" . }} | ||||||
|  |         name: {{ include "reposilite.secrets.prometheusBasicAuth.name" . }} | ||||||
|  |     enableHttp2: {{ required "The enableHttp2 option of the podMonitor is not defined!" .Values.prometheus.metrics.podMonitor.enableHttp2 }} | ||||||
|  |     followRedirects: {{ required "The followRedirects option of the podMonitor is not defined!" .Values.prometheus.metrics.podMonitor.followRedirects }} | ||||||
|  |     honorLabels: {{ required "The honorLabels option of the podMonitor is not defined!" .Values.prometheus.metrics.podMonitor.honorLabels }} | ||||||
|  |     interval: {{ required "The scrape interval of the podMonitor is not defined!" .Values.prometheus.metrics.podMonitor.interval }} | ||||||
|  |     path: {{ required "The metric path of the podMonitor is not defined!" .Values.prometheus.metrics.podMonitor.path }} | ||||||
|  |     port: {{ required "The metric port of the podMonitor is not defined!" .Values.prometheus.metrics.podMonitor.port | quote }} | ||||||
|  |     {{- with .Values.prometheus.metrics.podMonitor.relabelings }} | ||||||
|  |     relabelings: | ||||||
|  |       {{- toYaml . | nindent 6 }} | ||||||
|  |     {{- end }} | ||||||
|  |     scrapeTimeout: {{ required "The scrape timeout of the podMonitor is not defined!" .Values.prometheus.metrics.podMonitor.scrapeTimeout }} | ||||||
|  |     scheme: {{ required "The scheme of the podMonitor is not defined!" .Values.prometheus.metrics.podMonitor.scheme }} | ||||||
|  |     {{- with .Values.prometheus.metrics.podMonitor.tlsConfig }} | ||||||
|  |     tlsConfig: | ||||||
|  |       {{- toYaml . | nindent 6 }} | ||||||
|  |     {{- end }} | ||||||
|  |   namespaceSelector: | ||||||
|  |     matchNames: | ||||||
|  |     - {{ .Release.Namespace }} | ||||||
|  |   selector: | ||||||
|  |     matchLabels: | ||||||
|  |       {{- include "reposilite.pod.selectorLabels" . | nindent 6 }} | ||||||
|  | {{- end }} | ||||||
							
								
								
									
										19
									
								
								templates/secretPrometheusBasicAuth.yaml
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										19
									
								
								templates/secretPrometheusBasicAuth.yaml
									
									
									
									
									
										Normal file
									
								
							| @@ -0,0 +1,19 @@ | |||||||
|  | {{- if and .Values.prometheus.metrics.enabled (not .Values.prometheus.metrics.secret.existing.enabled) }} | ||||||
|  | --- | ||||||
|  | apiVersion: v1 | ||||||
|  | kind: Secret | ||||||
|  | metadata: | ||||||
|  |   {{- with (include "reposilite.secrets.prometheusBasicAuth.annotations" . | fromYaml) }} | ||||||
|  |   annotations: | ||||||
|  |     {{- toYaml . | nindent 4 }} | ||||||
|  |   {{- end }} | ||||||
|  |   {{- with (include "reposilite.secrets.prometheusBasicAuth.labels" . | fromYaml) }} | ||||||
|  |   labels: | ||||||
|  |     {{- toYaml . | nindent 4 }} | ||||||
|  |   {{- end }} | ||||||
|  |   name: {{ include "reposilite.secrets.prometheusBasicAuth.name" . }} | ||||||
|  |   namespace: {{ .Release.Namespace }} | ||||||
|  | stringData: | ||||||
|  |   password: {{ default (randAlphaNum 16) .Values.prometheus.metrics.secret.new.basicAuthPassword }} | ||||||
|  |   username: {{ default (randAlphaNum 16) .Values.prometheus.metrics.secret.new.basicAuthUsername }} | ||||||
|  | {{- end }} | ||||||
| @@ -43,7 +43,7 @@ spec: | |||||||
|   {{- end }} |   {{- end }} | ||||||
|   {{- end }} |   {{- end }} | ||||||
|   ports: |   ports: | ||||||
|   - name: http |   - name: {{ required "No service name defined. Either 'http' or 'https' is allowed!" .Values.service.scheme }} | ||||||
|     protocol: TCP |     protocol: TCP | ||||||
|     port: {{ required "No service port defined!" .Values.service.port }} |     port: {{ required "No service port defined!" .Values.service.port }} | ||||||
|   selector: |   selector: | ||||||
|   | |||||||
							
								
								
									
										47
									
								
								templates/serviceMonitor.yaml
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										47
									
								
								templates/serviceMonitor.yaml
									
									
									
									
									
										Normal file
									
								
							| @@ -0,0 +1,47 @@ | |||||||
|  | {{- if eq (include "reposilite.serviceMonitor.enabled" $) "true" }} | ||||||
|  | --- | ||||||
|  | apiVersion: monitoring.coreos.com/v1 | ||||||
|  | kind: ServiceMonitor | ||||||
|  | metadata: | ||||||
|  |   {{- with (include "reposilite.serviceMonitor.annotations" . | fromYaml) }} | ||||||
|  |   annotations: | ||||||
|  |     {{- toYaml . | nindent 4 }} | ||||||
|  |   {{- end }} | ||||||
|  |   {{- with (include "reposilite.serviceMonitor.labels" . | fromYaml) }} | ||||||
|  |   labels: | ||||||
|  |     {{- toYaml . | nindent 4 }} | ||||||
|  |   {{- end }} | ||||||
|  |   name: {{ include "reposilite.fullname" . }} | ||||||
|  |   namespace: {{ .Release.Namespace }} | ||||||
|  | spec: | ||||||
|  |   endpoints: | ||||||
|  |   - basicAuth: | ||||||
|  |       password: | ||||||
|  |         key: {{ include "reposilite.secrets.prometheusBasicAuth.passwordKey" . }} | ||||||
|  |         name: {{ include "reposilite.secrets.prometheusBasicAuth.name" . }} | ||||||
|  |       username: | ||||||
|  |         key: {{ include "reposilite.secrets.prometheusBasicAuth.usernameKey" . }} | ||||||
|  |         name: {{ include "reposilite.secrets.prometheusBasicAuth.name" . }} | ||||||
|  |     enableHttp2: {{ required "The enableHttp2 option of the serviceMonitor is not defined!" .Values.prometheus.metrics.serviceMonitor.enableHttp2 }} | ||||||
|  |     followRedirects: {{ required "The followRedirects option of the serviceMonitor is not defined!" .Values.prometheus.metrics.serviceMonitor.followRedirects }} | ||||||
|  |     honorLabels: {{ required "The honorLabels option of the serviceMonitor is not defined!" .Values.prometheus.metrics.serviceMonitor.honorLabels }} | ||||||
|  |     interval: {{ required "The scrape interval of the serviceMonitor is not defined!" .Values.prometheus.metrics.serviceMonitor.interval }} | ||||||
|  |     path: {{ required "The metric path of the serviceMonitor is not defined!" .Values.prometheus.metrics.serviceMonitor.path }} | ||||||
|  |     port: {{ required "The port of the serviceMonitor is not defined!" .Values.service.scheme }} | ||||||
|  |     {{- with .Values.prometheus.metrics.serviceMonitor.relabelings }} | ||||||
|  |     relabelings: | ||||||
|  |       {{- toYaml . | nindent 6 }} | ||||||
|  |     {{- end }} | ||||||
|  |     scrapeTimeout: {{ required "The scrape timeout of the serviceMonitor is not defined!" .Values.prometheus.metrics.serviceMonitor.scrapeTimeout }} | ||||||
|  |     scheme: {{ required "The scheme of the serviceMonitor is not defined!" .Values.prometheus.metrics.serviceMonitor.scheme }} | ||||||
|  |     {{- with .Values.prometheus.metrics.serviceMonitor.tlsConfig }} | ||||||
|  |     tlsConfig: | ||||||
|  |       {{- toYaml . | nindent 6 }} | ||||||
|  |     {{- end }} | ||||||
|  |   namespaceSelector: | ||||||
|  |     matchNames: | ||||||
|  |     - {{ .Release.Namespace }} | ||||||
|  |   selector: | ||||||
|  |     matchLabels: | ||||||
|  |       {{- include "reposilite.serviceMonitor.selectorLabels" . | nindent 6 }} | ||||||
|  | {{- end }} | ||||||
							
								
								
									
										42
									
								
								unittests/deployment/configPlugins.yaml
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										42
									
								
								unittests/deployment/configPlugins.yaml
									
									
									
									
									
										Normal file
									
								
							| @@ -0,0 +1,42 @@ | |||||||
|  | chart: | ||||||
|  |   appVersion: 0.1.0 | ||||||
|  |   version: 0.1.0 | ||||||
|  | suite: Test reposilite plugins | ||||||
|  | release: | ||||||
|  |   name: reposilite-unittest | ||||||
|  |   namespace: testing | ||||||
|  | templates: | ||||||
|  | - templates/deployment.yaml | ||||||
|  | - templates/secretPrometheusBasicAuth.yaml | ||||||
|  | tests: | ||||||
|  | - it: Test init containers for prometheus | ||||||
|  |   set: | ||||||
|  |     config.plugins.prometheus.enabled: true | ||||||
|  |     config.plugins.prometheus.url: "https://reposilite.com/plugins/prometheus.jar" | ||||||
|  |     deployment.pluginContainer.image.tag: 0.1.0 | ||||||
|  |   asserts: | ||||||
|  |   - contains: | ||||||
|  |       path: spec.template.spec.initContainers | ||||||
|  |       content: | ||||||
|  |         args: | ||||||
|  |         - --location | ||||||
|  |         - --fail | ||||||
|  |         - --max-time | ||||||
|  |         - "60" | ||||||
|  |         - --output-dir | ||||||
|  |         - /app/data/plugins | ||||||
|  |         - --output | ||||||
|  |         - prometheus.jar | ||||||
|  |         - https://reposilite.com/plugins/prometheus.jar | ||||||
|  |         name: download-prometheus-plugin | ||||||
|  |         image: docker.io/curlimages/curl:0.1.0 | ||||||
|  |         volumeMounts: | ||||||
|  |         - mountPath: /app/data/plugins | ||||||
|  |           name: plugins | ||||||
|  |     template: templates/deployment.yaml | ||||||
|  |   - contains: | ||||||
|  |       path: spec.template.spec.volumes | ||||||
|  |       content: | ||||||
|  |         name: plugins | ||||||
|  |         emptyDir: {} | ||||||
|  |     template: templates/deployment.yaml | ||||||
| @@ -7,19 +7,23 @@ release: | |||||||
|   namespace: testing |   namespace: testing | ||||||
| templates: | templates: | ||||||
| - templates/deployment.yaml | - templates/deployment.yaml | ||||||
|  | - templates/secretPrometheusBasicAuth.yaml | ||||||
| tests: | tests: | ||||||
| - it: Rendering default | - it: Rendering default | ||||||
|   set: {} |   set: {} | ||||||
|   asserts: |   asserts: | ||||||
|   - hasDocuments: |   - hasDocuments: | ||||||
|       count: 1 |       count: 1 | ||||||
|  |     template: templates/deployment.yaml | ||||||
|   - containsDocument: |   - containsDocument: | ||||||
|       apiVersion: apps/v1 |       apiVersion: apps/v1 | ||||||
|       kind: Deployment |       kind: Deployment | ||||||
|       name: reposilite-unittest |       name: reposilite-unittest | ||||||
|       namespace: testing |       namespace: testing | ||||||
|  |     template: templates/deployment.yaml | ||||||
|   - notExists: |   - notExists: | ||||||
|       path: metadata.annotations |       path: metadata.annotations | ||||||
|  |     template: templates/deployment.yaml | ||||||
|   - equal: |   - equal: | ||||||
|       path: metadata.labels |       path: metadata.labels | ||||||
|       value: |       value: | ||||||
| @@ -28,14 +32,17 @@ tests: | |||||||
|         app.kubernetes.io/name: reposilite |         app.kubernetes.io/name: reposilite | ||||||
|         app.kubernetes.io/version: 0.1.0 |         app.kubernetes.io/version: 0.1.0 | ||||||
|         helm.sh/chart: reposilite-0.1.0 |         helm.sh/chart: reposilite-0.1.0 | ||||||
|  |     template: templates/deployment.yaml | ||||||
|   - equal: |   - equal: | ||||||
|       path: spec.replicas |       path: spec.replicas | ||||||
|       value: 1 |       value: 1 | ||||||
|  |     template: templates/deployment.yaml | ||||||
|   - isSubset: |   - isSubset: | ||||||
|       path: spec.selector.matchLabels |       path: spec.selector.matchLabels | ||||||
|       content: |       content: | ||||||
|         app.kubernetes.io/instance: reposilite-unittest |         app.kubernetes.io/instance: reposilite-unittest | ||||||
|         app.kubernetes.io/name: reposilite |         app.kubernetes.io/name: reposilite | ||||||
|  |     template: templates/deployment.yaml | ||||||
|   - equal: |   - equal: | ||||||
|       path: spec.strategy |       path: spec.strategy | ||||||
|       value: |       value: | ||||||
| @@ -43,9 +50,10 @@ tests: | |||||||
|         rollingUpdate: |         rollingUpdate: | ||||||
|           maxSurge: 1 |           maxSurge: 1 | ||||||
|           maxUnavailable: 1 |           maxUnavailable: 1 | ||||||
|  |     template: templates/deployment.yaml | ||||||
|   - notExists: |   - notExists: | ||||||
|       path: spec.template.metadata.annotations |       path: spec.template.metadata.annotations | ||||||
|       value: sadsdf |     template: templates/deployment.yaml | ||||||
|   - equal: |   - equal: | ||||||
|       path: spec.template.metadata.labels |       path: spec.template.metadata.labels | ||||||
|       value: |       value: | ||||||
| @@ -54,25 +62,33 @@ tests: | |||||||
|         app.kubernetes.io/name: reposilite |         app.kubernetes.io/name: reposilite | ||||||
|         app.kubernetes.io/version: 0.1.0 |         app.kubernetes.io/version: 0.1.0 | ||||||
|         helm.sh/chart: reposilite-0.1.0 |         helm.sh/chart: reposilite-0.1.0 | ||||||
|  |     template: templates/deployment.yaml | ||||||
|   - notExists: |   - notExists: | ||||||
|       path: spec.template.spec.affinity |       path: spec.template.spec.affinity | ||||||
|  |     template: templates/deployment.yaml | ||||||
|   - notExists: |   - notExists: | ||||||
|       path: spec.template.spec.containers[0].args |       path: spec.template.spec.containers[0].args | ||||||
|  |     template: templates/deployment.yaml | ||||||
|   - notExists: |   - notExists: | ||||||
|       path: spec.template.spec.containers[0].command |       path: spec.template.spec.containers[0].command | ||||||
|  |     template: templates/deployment.yaml | ||||||
|   - contains: |   - contains: | ||||||
|       path: spec.template.spec.containers[0].env |       path: spec.template.spec.containers[0].env | ||||||
|       content: |       content: | ||||||
|         name: JAVA_OPTS |         name: JAVA_OPTS | ||||||
|         value: "-Xmx64M" |         value: "-Xmx64M" | ||||||
|  |     template: templates/deployment.yaml | ||||||
|   - notExists: |   - notExists: | ||||||
|       path: spec.template.spec.containers[0].envFrom |       path: spec.template.spec.containers[0].envFrom | ||||||
|  |     template: templates/deployment.yaml | ||||||
|   - equal: |   - equal: | ||||||
|       path: spec.template.spec.containers[0].image |       path: spec.template.spec.containers[0].image | ||||||
|       value: docker.io/dzikoysk/reposilite:0.1.0 |       value: docker.io/dzikoysk/reposilite:0.1.0 | ||||||
|  |     template: templates/deployment.yaml | ||||||
|   - equal: |   - equal: | ||||||
|       path: spec.template.spec.containers[0].imagePullPolicy |       path: spec.template.spec.containers[0].imagePullPolicy | ||||||
|       value: IfNotPresent |       value: IfNotPresent | ||||||
|  |     template: templates/deployment.yaml | ||||||
|   - isSubset: |   - isSubset: | ||||||
|       path: spec.template.spec.containers[0].livenessProbe |       path: spec.template.spec.containers[0].livenessProbe | ||||||
|       content: |       content: | ||||||
| @@ -83,15 +99,18 @@ tests: | |||||||
|         periodSeconds: 60 |         periodSeconds: 60 | ||||||
|         successThreshold: 1 |         successThreshold: 1 | ||||||
|         timeoutSeconds: 3 |         timeoutSeconds: 3 | ||||||
|  |     template: templates/deployment.yaml | ||||||
|   - equal: |   - equal: | ||||||
|       path: spec.template.spec.containers[0].name |       path: spec.template.spec.containers[0].name | ||||||
|       value: reposilite |       value: reposilite | ||||||
|  |     template: templates/deployment.yaml | ||||||
|   - contains: |   - contains: | ||||||
|       path: spec.template.spec.containers[0].ports |       path: spec.template.spec.containers[0].ports | ||||||
|       content: |       content: | ||||||
|         name: http |         name: http | ||||||
|         containerPort: 8080 |         containerPort: 8080 | ||||||
|         protocol: TCP |         protocol: TCP | ||||||
|  |     template: templates/deployment.yaml | ||||||
|   - isSubset: |   - isSubset: | ||||||
|       path: spec.template.spec.containers[0].readinessProbe |       path: spec.template.spec.containers[0].readinessProbe | ||||||
|       content: |       content: | ||||||
| @@ -102,42 +121,60 @@ tests: | |||||||
|         periodSeconds: 15 |         periodSeconds: 15 | ||||||
|         successThreshold: 1 |         successThreshold: 1 | ||||||
|         timeoutSeconds: 3 |         timeoutSeconds: 3 | ||||||
|  |     template: templates/deployment.yaml | ||||||
|   - notExists: |   - notExists: | ||||||
|       path: spec.template.spec.containers[0].resources |       path: spec.template.spec.containers[0].resources | ||||||
|  |     template: templates/deployment.yaml | ||||||
|   - notExists: |   - notExists: | ||||||
|       path: spec.template.spec.containers[0].securityContext |       path: spec.template.spec.containers[0].securityContext | ||||||
|  |     template: templates/deployment.yaml | ||||||
|   - notExists: |   - notExists: | ||||||
|       path: spec.template.spec.containers[0].volumeMounts |       path: spec.template.spec.containers[0].volumeMounts | ||||||
|  |     template: templates/deployment.yaml | ||||||
|   - notExists: |   - notExists: | ||||||
|       path: spec.template.spec.dnsConfig |       path: spec.template.spec.dnsConfig | ||||||
|  |     template: templates/deployment.yaml | ||||||
|   - notExists: |   - notExists: | ||||||
|       path: spec.template.spec.dnsPolicy |       path: spec.template.spec.dnsPolicy | ||||||
|  |     template: templates/deployment.yaml | ||||||
|   - notExists: |   - notExists: | ||||||
|       path: spec.template.spec.hostname |       path: spec.template.spec.hostname | ||||||
|  |     template: templates/deployment.yaml | ||||||
|   - equal: |   - equal: | ||||||
|       path: spec.template.spec.hostNetwork |       path: spec.template.spec.hostNetwork | ||||||
|       value: false |       value: false | ||||||
|  |     template: templates/deployment.yaml | ||||||
|   - notExists: |   - notExists: | ||||||
|       path: spec.template.spec.imagePullSecrets |       path: spec.template.spec.imagePullSecrets | ||||||
|  |     template: templates/deployment.yaml | ||||||
|   - notExists: |   - notExists: | ||||||
|       path: spec.template.spec.initContainers |       path: spec.template.spec.initContainers | ||||||
|  |     template: templates/deployment.yaml | ||||||
|   - notExists: |   - notExists: | ||||||
|       path: spec.template.spec.nodeSelector |       path: spec.template.spec.nodeSelector | ||||||
|  |     template: templates/deployment.yaml | ||||||
|   - notExists: |   - notExists: | ||||||
|       path: spec.template.spec.priorityClassName |       path: spec.template.spec.priorityClassName | ||||||
|  |     template: templates/deployment.yaml | ||||||
|   - notExists: |   - notExists: | ||||||
|       path: spec.template.spec.restartPolicy |       path: spec.template.spec.restartPolicy | ||||||
|  |     template: templates/deployment.yaml | ||||||
|   - notExists: |   - notExists: | ||||||
|       path: spec.template.spec.subdomain |       path: spec.template.spec.subdomain | ||||||
|  |     template: templates/deployment.yaml | ||||||
|   - equal: |   - equal: | ||||||
|       path: spec.template.spec.terminationGracePeriodSeconds |       path: spec.template.spec.terminationGracePeriodSeconds | ||||||
|       value: 60 |       value: 60 | ||||||
|  |     template: templates/deployment.yaml | ||||||
|   - notExists: |   - notExists: | ||||||
|       path: spec.template.spec.tolerations |       path: spec.template.spec.tolerations | ||||||
|  |     template: templates/deployment.yaml | ||||||
|   - notExists: |   - notExists: | ||||||
|       path: spec.template.spec.topologySpreadConstraints |       path: spec.template.spec.topologySpreadConstraints | ||||||
|  |     template: templates/deployment.yaml | ||||||
|   - notExists: |   - notExists: | ||||||
|       path: spec.template.spec.volumes |       path: spec.template.spec.volumes | ||||||
|  |     template: templates/deployment.yaml | ||||||
|  |  | ||||||
| - it: Test custom replicas | - it: Test custom replicas | ||||||
|   set: |   set: | ||||||
| @@ -146,6 +183,7 @@ tests: | |||||||
|   - equal: |   - equal: | ||||||
|       path: spec.replicas |       path: spec.replicas | ||||||
|       value: 3 |       value: 3 | ||||||
|  |     template: templates/deployment.yaml | ||||||
|  |  | ||||||
| - it: Test custom strategy | - it: Test custom strategy | ||||||
|   set: |   set: | ||||||
| @@ -162,6 +200,7 @@ tests: | |||||||
|         rollingUpdate: |         rollingUpdate: | ||||||
|           maxSurge: 10 |           maxSurge: 10 | ||||||
|           maxUnavailable: 5 |           maxUnavailable: 5 | ||||||
|  |     template: templates/deployment.yaml | ||||||
|  |  | ||||||
| - it: Test custom affinity | - it: Test custom affinity | ||||||
|   set: |   set: | ||||||
| @@ -188,6 +227,7 @@ tests: | |||||||
|                 values: |                 values: | ||||||
|                 - antarctica-east1 |                 - antarctica-east1 | ||||||
|                 - antarctica-west1 |                 - antarctica-west1 | ||||||
|  |     template: templates/deployment.yaml | ||||||
|  |  | ||||||
| - it: Test additional arguments | - it: Test additional arguments | ||||||
|   set: |   set: | ||||||
| @@ -200,6 +240,7 @@ tests: | |||||||
|       value: |       value: | ||||||
|       - --foo=bar |       - --foo=bar | ||||||
|       - --bar=foo |       - --bar=foo | ||||||
|  |     template: templates/deployment.yaml | ||||||
|  |  | ||||||
| - it: Test additional commands | - it: Test additional commands | ||||||
|   set: |   set: | ||||||
| @@ -210,6 +251,7 @@ tests: | |||||||
|       path: spec.template.spec.containers[0].command |       path: spec.template.spec.containers[0].command | ||||||
|       value: |       value: | ||||||
|       - /bin/bash |       - /bin/bash | ||||||
|  |     template: templates/deployment.yaml | ||||||
|  |  | ||||||
| - it: Test custom imageRegistry and imageRepository | - it: Test custom imageRegistry and imageRepository | ||||||
|   set: |   set: | ||||||
| @@ -220,6 +262,7 @@ tests: | |||||||
|   - equal: |   - equal: | ||||||
|       path: spec.template.spec.containers[0].image |       path: spec.template.spec.containers[0].image | ||||||
|       value: registry.example.local/path/special/reposilite:2.0.0 |       value: registry.example.local/path/special/reposilite:2.0.0 | ||||||
|  |     template: templates/deployment.yaml | ||||||
|  |  | ||||||
| - it: Test custom imagePullPolicy | - it: Test custom imagePullPolicy | ||||||
|   set: |   set: | ||||||
| @@ -228,17 +271,7 @@ tests: | |||||||
|   - equal: |   - equal: | ||||||
|       path: spec.template.spec.containers[0].imagePullPolicy |       path: spec.template.spec.containers[0].imagePullPolicy | ||||||
|       value: Always |       value: Always | ||||||
|  |     template: templates/deployment.yaml | ||||||
| - it: Test custom port |  | ||||||
|   set: |  | ||||||
|     service.port: 8443 |  | ||||||
|   asserts: |  | ||||||
|   - contains: |  | ||||||
|       path: spec.template.spec.containers[0].ports |  | ||||||
|       content: |  | ||||||
|         name: http |  | ||||||
|         containerPort: 8443 |  | ||||||
|         protocol: TCP |  | ||||||
|  |  | ||||||
| - it: Test custom resources | - it: Test custom resources | ||||||
|   set: |   set: | ||||||
| @@ -259,6 +292,7 @@ tests: | |||||||
|         requests: |         requests: | ||||||
|           cpu: 25m |           cpu: 25m | ||||||
|           memory: 100MB |           memory: 100MB | ||||||
|  |     template: templates/deployment.yaml | ||||||
|  |  | ||||||
| - it: Test custom securityContext | - it: Test custom securityContext | ||||||
|   set: |   set: | ||||||
| @@ -285,6 +319,7 @@ tests: | |||||||
|         readOnlyRootFilesystem: true |         readOnlyRootFilesystem: true | ||||||
|         runAsNonRoot: true |         runAsNonRoot: true | ||||||
|         runAsUser: 1000 |         runAsUser: 1000 | ||||||
|  |     template: templates/deployment.yaml | ||||||
|  |  | ||||||
| - it: Test custom volumeMounts | - it: Test custom volumeMounts | ||||||
|   set: |   set: | ||||||
| @@ -297,6 +332,7 @@ tests: | |||||||
|       content: |       content: | ||||||
|         name: data |         name: data | ||||||
|         mountPath: /usr/lib/data |         mountPath: /usr/lib/data | ||||||
|  |     template: templates/deployment.yaml | ||||||
|  |  | ||||||
| - it: Test dnsConfig | - it: Test dnsConfig | ||||||
|   set: |   set: | ||||||
| @@ -311,6 +347,7 @@ tests: | |||||||
|         nameservers: |         nameservers: | ||||||
|         - "8.8.8.8" |         - "8.8.8.8" | ||||||
|         - "8.8.4.4" |         - "8.8.4.4" | ||||||
|  |     template: templates/deployment.yaml | ||||||
|  |  | ||||||
| - it: Test dnsPolicy | - it: Test dnsPolicy | ||||||
|   set: |   set: | ||||||
| @@ -319,6 +356,7 @@ tests: | |||||||
|   - equal: |   - equal: | ||||||
|       path: spec.template.spec.dnsPolicy |       path: spec.template.spec.dnsPolicy | ||||||
|       value: ClusterFirst |       value: ClusterFirst | ||||||
|  |     template: templates/deployment.yaml | ||||||
|  |  | ||||||
| - it: Test hostNetwork, hostname, subdomain | - it: Test hostNetwork, hostname, subdomain | ||||||
|   set: |   set: | ||||||
| @@ -329,12 +367,15 @@ tests: | |||||||
|   - equal: |   - equal: | ||||||
|       path: spec.template.spec.hostNetwork |       path: spec.template.spec.hostNetwork | ||||||
|       value: true |       value: true | ||||||
|  |     template: templates/deployment.yaml | ||||||
|   - equal: |   - equal: | ||||||
|       path: spec.template.spec.hostname |       path: spec.template.spec.hostname | ||||||
|       value: pg-exporter |       value: pg-exporter | ||||||
|  |     template: templates/deployment.yaml | ||||||
|   - equal: |   - equal: | ||||||
|       path: spec.template.spec.subdomain |       path: spec.template.spec.subdomain | ||||||
|       value: exporters.internal |       value: exporters.internal | ||||||
|  |     template: templates/deployment.yaml | ||||||
|  |  | ||||||
| - it: Test imagePullSecrets | - it: Test imagePullSecrets | ||||||
|   set: |   set: | ||||||
| @@ -347,6 +388,20 @@ tests: | |||||||
|       value: |       value: | ||||||
|       - name: my-pull-secret |       - name: my-pull-secret | ||||||
|       - name: my-special-secret |       - name: my-special-secret | ||||||
|  |     template: templates/deployment.yaml | ||||||
|  |  | ||||||
|  | - it: Test initContainers | ||||||
|  |   set: | ||||||
|  |     deployment.initContainers: | ||||||
|  |     - name: busybox | ||||||
|  |       image: docker.io/library/busybox:latest | ||||||
|  |   asserts: | ||||||
|  |   - contains: | ||||||
|  |       path: spec.template.spec.initContainers | ||||||
|  |       content: | ||||||
|  |         name: busybox | ||||||
|  |         image: docker.io/library/busybox:latest | ||||||
|  |     template: templates/deployment.yaml | ||||||
|  |  | ||||||
| - it: Test nodeSelector | - it: Test nodeSelector | ||||||
|   set: |   set: | ||||||
| @@ -357,6 +412,7 @@ tests: | |||||||
|       path: spec.template.spec.nodeSelector |       path: spec.template.spec.nodeSelector | ||||||
|       value: |       value: | ||||||
|         foo: bar |         foo: bar | ||||||
|  |     template: templates/deployment.yaml | ||||||
|  |  | ||||||
| - it: Test priorityClassName | - it: Test priorityClassName | ||||||
|   set: |   set: | ||||||
| @@ -365,6 +421,7 @@ tests: | |||||||
|   - equal: |   - equal: | ||||||
|       path: spec.template.spec.priorityClassName |       path: spec.template.spec.priorityClassName | ||||||
|       value: my-priority |       value: my-priority | ||||||
|  |     template: templates/deployment.yaml | ||||||
|  |  | ||||||
| - it: Test restartPolicy | - it: Test restartPolicy | ||||||
|   set: |   set: | ||||||
| @@ -373,6 +430,7 @@ tests: | |||||||
|   - equal: |   - equal: | ||||||
|       path: spec.template.spec.restartPolicy |       path: spec.template.spec.restartPolicy | ||||||
|       value: Always |       value: Always | ||||||
|  |     template: templates/deployment.yaml | ||||||
|  |  | ||||||
| - it: Test custom securityContext | - it: Test custom securityContext | ||||||
|   set: |   set: | ||||||
| @@ -389,6 +447,7 @@ tests: | |||||||
|         runAsNonRoot: true |         runAsNonRoot: true | ||||||
|         runAsUser: 1000 |         runAsUser: 1000 | ||||||
|         runAsGroup: 1000 |         runAsGroup: 1000 | ||||||
|  |     template: templates/deployment.yaml | ||||||
|  |  | ||||||
| - it: Test terminationGracePeriodSeconds | - it: Test terminationGracePeriodSeconds | ||||||
|   set: |   set: | ||||||
| @@ -397,6 +456,7 @@ tests: | |||||||
|   - equal: |   - equal: | ||||||
|       path: spec.template.spec.terminationGracePeriodSeconds |       path: spec.template.spec.terminationGracePeriodSeconds | ||||||
|       value: 120 |       value: 120 | ||||||
|  |     template: templates/deployment.yaml | ||||||
|  |  | ||||||
| - it: Test tolerations | - it: Test tolerations | ||||||
|   set: |   set: | ||||||
| @@ -413,6 +473,7 @@ tests: | |||||||
|         operator: Equal |         operator: Equal | ||||||
|         value: ssd |         value: ssd | ||||||
|         effect: NoSchedule |         effect: NoSchedule | ||||||
|  |     template: templates/deployment.yaml | ||||||
|  |  | ||||||
| - it: Test topologySpreadConstraints | - it: Test topologySpreadConstraints | ||||||
|   set: |   set: | ||||||
| @@ -431,6 +492,7 @@ tests: | |||||||
|         labelSelector: |         labelSelector: | ||||||
|           matchLabels: |           matchLabels: | ||||||
|             app.kubernetes.io/instance: reposilite |             app.kubernetes.io/instance: reposilite | ||||||
|  |     template: templates/deployment.yaml | ||||||
|  |  | ||||||
| - it: Test additional volumes | - it: Test additional volumes | ||||||
|   set: |   set: | ||||||
| @@ -445,3 +507,4 @@ tests: | |||||||
|       - name: data |       - name: data | ||||||
|         hostPath: |         hostPath: | ||||||
|           path: /usr/lib/data |           path: /usr/lib/data | ||||||
|  |     template: templates/deployment.yaml | ||||||
| @@ -7,6 +7,7 @@ release: | |||||||
|   namespace: testing |   namespace: testing | ||||||
| templates: | templates: | ||||||
| - templates/deployment.yaml | - templates/deployment.yaml | ||||||
|  | - templates/secretPrometheusBasicAuth.yaml | ||||||
| tests: | tests: | ||||||
| - it: Rendering default volumes and volumeMounts with persistent volume claim | - it: Rendering default volumes and volumeMounts with persistent volume claim | ||||||
|   set: |   set: | ||||||
| @@ -17,17 +18,20 @@ tests: | |||||||
|       content: |       content: | ||||||
|         name: REPOSILITE_DATA |         name: REPOSILITE_DATA | ||||||
|         value: /app/data |         value: /app/data | ||||||
|  |     template: templates/deployment.yaml | ||||||
|   - contains: |   - contains: | ||||||
|       path: spec.template.spec.containers[0].volumeMounts |       path: spec.template.spec.containers[0].volumeMounts | ||||||
|       content: |       content: | ||||||
|         name: data |         name: data | ||||||
|         mountPath: /app/data |         mountPath: /app/data | ||||||
|  |     template: templates/deployment.yaml | ||||||
|   - contains: |   - contains: | ||||||
|       path: spec.template.spec.volumes |       path: spec.template.spec.volumes | ||||||
|       content: |       content: | ||||||
|         name: data |         name: data | ||||||
|         persistentVolumeClaim: |         persistentVolumeClaim: | ||||||
|           claimName: reposilite-unittest |           claimName: reposilite-unittest | ||||||
|  |     template: templates/deployment.yaml | ||||||
|  |  | ||||||
| - it: Rendering custom volumes and volumeMounts with persistent volume claim | - it: Rendering custom volumes and volumeMounts with persistent volume claim | ||||||
|   set: |   set: | ||||||
| @@ -39,17 +43,20 @@ tests: | |||||||
|       content: |       content: | ||||||
|         name: REPOSILITE_DATA |         name: REPOSILITE_DATA | ||||||
|         value: /usr/lib/reposilite/data |         value: /usr/lib/reposilite/data | ||||||
|  |     template: templates/deployment.yaml | ||||||
|   - contains: |   - contains: | ||||||
|       path: spec.template.spec.containers[0].volumeMounts |       path: spec.template.spec.containers[0].volumeMounts | ||||||
|       content: |       content: | ||||||
|         name: data |         name: data | ||||||
|         mountPath: /usr/lib/reposilite/data |         mountPath: /usr/lib/reposilite/data | ||||||
|  |     template: templates/deployment.yaml | ||||||
|   - contains: |   - contains: | ||||||
|       path: spec.template.spec.volumes |       path: spec.template.spec.volumes | ||||||
|       content: |       content: | ||||||
|         name: data |         name: data | ||||||
|         persistentVolumeClaim: |         persistentVolumeClaim: | ||||||
|           claimName: reposilite-unittest |           claimName: reposilite-unittest | ||||||
|  |     template: templates/deployment.yaml | ||||||
|  |  | ||||||
| - it: Rendering custom volumes and volumeMounts with persistent volume claim | - it: Rendering custom volumes and volumeMounts with persistent volume claim | ||||||
|   set: |   set: | ||||||
| @@ -62,14 +69,17 @@ tests: | |||||||
|       content: |       content: | ||||||
|         name: REPOSILITE_DATA |         name: REPOSILITE_DATA | ||||||
|         value: /app/data |         value: /app/data | ||||||
|  |     template: templates/deployment.yaml | ||||||
|   - contains: |   - contains: | ||||||
|       path: spec.template.spec.containers[0].volumeMounts |       path: spec.template.spec.containers[0].volumeMounts | ||||||
|       content: |       content: | ||||||
|         name: data |         name: data | ||||||
|         mountPath: /app/data |         mountPath: /app/data | ||||||
|  |     template: templates/deployment.yaml | ||||||
|   - contains: |   - contains: | ||||||
|       path: spec.template.spec.volumes |       path: spec.template.spec.volumes | ||||||
|       content: |       content: | ||||||
|         name: data |         name: data | ||||||
|         persistentVolumeClaim: |         persistentVolumeClaim: | ||||||
|           claimName: my-custom-pvc |           claimName: my-custom-pvc | ||||||
|  |     template: templates/deployment.yaml | ||||||
							
								
								
									
										107
									
								
								unittests/deployment/prometheusPodMonitor.yaml
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										107
									
								
								unittests/deployment/prometheusPodMonitor.yaml
									
									
									
									
									
										Normal file
									
								
							| @@ -0,0 +1,107 @@ | |||||||
|  | chart: | ||||||
|  |   appVersion: 0.1.0 | ||||||
|  |   version: 0.1.0 | ||||||
|  | suite: Add prometheus basic auth variables | ||||||
|  | release: | ||||||
|  |   name: reposilite-unittest | ||||||
|  |   namespace: testing | ||||||
|  | templates: | ||||||
|  | - templates/deployment.yaml | ||||||
|  | - templates/secretPrometheusBasicAuth.yaml | ||||||
|  | tests: | ||||||
|  | - it: Rendering default environment variables with enabled prometheus metrics podMonitor | ||||||
|  |   set: | ||||||
|  |     prometheus.metrics.enabled: true | ||||||
|  |     prometheus.metrics.podMonitor.enabled: true | ||||||
|  |   asserts: | ||||||
|  |   - exists: | ||||||
|  |       path: spec.template.metadata.annotations.checksum/secret-reposilite-unittest-basic-auth-credentials | ||||||
|  |     template: templates/deployment.yaml | ||||||
|  |   - contains: | ||||||
|  |       path: spec.template.spec.containers[0].env | ||||||
|  |       content: | ||||||
|  |         name: REPOSILITE_PROMETHEUS_PASSWORD | ||||||
|  |         valueFrom: | ||||||
|  |           secretKeyRef: | ||||||
|  |             name: reposilite-unittest-basic-auth-credentials | ||||||
|  |             key: password | ||||||
|  |     template: templates/deployment.yaml | ||||||
|  |   - contains: | ||||||
|  |       path: spec.template.spec.containers[0].env | ||||||
|  |       content: | ||||||
|  |         name: REPOSILITE_PROMETHEUS_USER | ||||||
|  |         valueFrom: | ||||||
|  |           secretKeyRef: | ||||||
|  |             name: reposilite-unittest-basic-auth-credentials | ||||||
|  |             key: username | ||||||
|  |     template: templates/deployment.yaml | ||||||
|  |  | ||||||
|  | - it: Rendering default environment variables with enabled prometheus metrics serviceMonitor and external secret | ||||||
|  |   set: | ||||||
|  |     prometheus.metrics.enabled: true | ||||||
|  |     prometheus.metrics.secret.existing.enabled: true | ||||||
|  |     prometheus.metrics.secret.existing.basicAuthUsernameKey: my-username-key | ||||||
|  |     prometheus.metrics.secret.existing.basicAuthPasswordKey: my-password-key | ||||||
|  |     prometheus.metrics.secret.existing.secretName: my-secret | ||||||
|  |     prometheus.metrics.podMonitor.enabled: true | ||||||
|  |   asserts: | ||||||
|  |   - notExists: | ||||||
|  |       path: spec.template.metadata.annotations.checksum/secret-reposilite-unittest-basic-auth-credentials | ||||||
|  |     template: templates/deployment.yaml | ||||||
|  |   - contains: | ||||||
|  |       path: spec.template.spec.containers[0].env | ||||||
|  |       content: | ||||||
|  |         name: REPOSILITE_PROMETHEUS_PASSWORD | ||||||
|  |         valueFrom: | ||||||
|  |           secretKeyRef: | ||||||
|  |             name: my-secret | ||||||
|  |             key: my-password-key | ||||||
|  |     template: templates/deployment.yaml | ||||||
|  |   - contains: | ||||||
|  |       path: spec.template.spec.containers[0].env | ||||||
|  |       content: | ||||||
|  |         name: REPOSILITE_PROMETHEUS_USER | ||||||
|  |         valueFrom: | ||||||
|  |           secretKeyRef: | ||||||
|  |             name: my-secret | ||||||
|  |             key: my-username-key | ||||||
|  |     template: templates/deployment.yaml | ||||||
|  |  | ||||||
|  | - it: Fail when existing secret name is undefined | ||||||
|  |   set: | ||||||
|  |     prometheus.metrics.enabled: true | ||||||
|  |     prometheus.metrics.secret.existing.enabled: true | ||||||
|  |     prometheus.metrics.secret.existing.basicAuthUsernameKey: "my-username-key" | ||||||
|  |     prometheus.metrics.secret.existing.basicAuthPasswordKey: "my-password-key" | ||||||
|  |     prometheus.metrics.secret.existing.secretName: "" | ||||||
|  |     prometheus.metrics.podMonitor.enabled: true | ||||||
|  |   asserts: | ||||||
|  |   - failedTemplate: | ||||||
|  |       errorMessage: "Name of the existing secret that contains the credentials for basic auth is not defined!" | ||||||
|  |     template: templates/deployment.yaml | ||||||
|  |  | ||||||
|  | - it: Fail when the name of the key in the secret that contains the username for basic auth is undefined | ||||||
|  |   set: | ||||||
|  |     prometheus.metrics.enabled: true | ||||||
|  |     prometheus.metrics.secret.existing.enabled: true | ||||||
|  |     prometheus.metrics.secret.existing.basicAuthUsernameKey: "" | ||||||
|  |     prometheus.metrics.secret.existing.basicAuthPasswordKey: "my-password-key" | ||||||
|  |     prometheus.metrics.secret.existing.secretName: "my-secret" | ||||||
|  |     prometheus.metrics.podMonitor.enabled: true | ||||||
|  |   asserts: | ||||||
|  |   - failedTemplate: | ||||||
|  |       errorMessage: "Name of the key in the secret that contains the username for basic auth is not defined!" | ||||||
|  |     template: templates/deployment.yaml | ||||||
|  |  | ||||||
|  | - it: Fail when the name of the key in the secret that contains the password for basic auth is undefined | ||||||
|  |   set: | ||||||
|  |     prometheus.metrics.enabled: true | ||||||
|  |     prometheus.metrics.secret.existing.enabled: true | ||||||
|  |     prometheus.metrics.secret.existing.basicAuthUsernameKey: "my-username-key" | ||||||
|  |     prometheus.metrics.secret.existing.basicAuthPasswordKey: "" | ||||||
|  |     prometheus.metrics.secret.existing.secretName: "my-secret" | ||||||
|  |     prometheus.metrics.podMonitor.enabled: true | ||||||
|  |   asserts: | ||||||
|  |   - failedTemplate: | ||||||
|  |       errorMessage: "Name of the key in the secret that contains the password for basic auth is not defined!" | ||||||
|  |     template: templates/deployment.yaml | ||||||
							
								
								
									
										107
									
								
								unittests/deployment/prometheusServiceMonitor.yaml
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										107
									
								
								unittests/deployment/prometheusServiceMonitor.yaml
									
									
									
									
									
										Normal file
									
								
							| @@ -0,0 +1,107 @@ | |||||||
|  | chart: | ||||||
|  |   appVersion: 0.1.0 | ||||||
|  |   version: 0.1.0 | ||||||
|  | suite: Add prometheus basic auth variables | ||||||
|  | release: | ||||||
|  |   name: reposilite-unittest | ||||||
|  |   namespace: testing | ||||||
|  | templates: | ||||||
|  | - templates/deployment.yaml | ||||||
|  | - templates/secretPrometheusBasicAuth.yaml | ||||||
|  | tests: | ||||||
|  | - it: Rendering default environment variables with enabled prometheus metrics serviceMonitor | ||||||
|  |   set: | ||||||
|  |     prometheus.metrics.enabled: true | ||||||
|  |     prometheus.metrics.serviceMonitor.enabled: true | ||||||
|  |   asserts: | ||||||
|  |   - exists: | ||||||
|  |       path: spec.template.metadata.annotations.checksum/secret-reposilite-unittest-basic-auth-credentials | ||||||
|  |     template: templates/deployment.yaml | ||||||
|  |   - contains: | ||||||
|  |       path: spec.template.spec.containers[0].env | ||||||
|  |       content: | ||||||
|  |         name: REPOSILITE_PROMETHEUS_PASSWORD | ||||||
|  |         valueFrom: | ||||||
|  |           secretKeyRef: | ||||||
|  |             name: reposilite-unittest-basic-auth-credentials | ||||||
|  |             key: password | ||||||
|  |     template: templates/deployment.yaml | ||||||
|  |   - contains: | ||||||
|  |       path: spec.template.spec.containers[0].env | ||||||
|  |       content: | ||||||
|  |         name: REPOSILITE_PROMETHEUS_USER | ||||||
|  |         valueFrom: | ||||||
|  |           secretKeyRef: | ||||||
|  |             name: reposilite-unittest-basic-auth-credentials | ||||||
|  |             key: username | ||||||
|  |     template: templates/deployment.yaml | ||||||
|  |  | ||||||
|  | - it: Rendering default environment variables with enabled prometheus metrics serviceMonitor and external secret | ||||||
|  |   set: | ||||||
|  |     prometheus.metrics.enabled: true | ||||||
|  |     prometheus.metrics.secret.existing.enabled: true | ||||||
|  |     prometheus.metrics.secret.existing.basicAuthUsernameKey: my-username-key | ||||||
|  |     prometheus.metrics.secret.existing.basicAuthPasswordKey: my-password-key | ||||||
|  |     prometheus.metrics.secret.existing.secretName: my-secret | ||||||
|  |     prometheus.metrics.serviceMonitor.enabled: true | ||||||
|  |   asserts: | ||||||
|  |   - notExists: | ||||||
|  |       path: spec.template.metadata.annotations.checksum/secret-reposilite-unittest-basic-auth-credentials | ||||||
|  |     template: templates/deployment.yaml | ||||||
|  |   - contains: | ||||||
|  |       path: spec.template.spec.containers[0].env | ||||||
|  |       content: | ||||||
|  |         name: REPOSILITE_PROMETHEUS_PASSWORD | ||||||
|  |         valueFrom: | ||||||
|  |           secretKeyRef: | ||||||
|  |             name: my-secret | ||||||
|  |             key: my-password-key | ||||||
|  |     template: templates/deployment.yaml | ||||||
|  |   - contains: | ||||||
|  |       path: spec.template.spec.containers[0].env | ||||||
|  |       content: | ||||||
|  |         name: REPOSILITE_PROMETHEUS_USER | ||||||
|  |         valueFrom: | ||||||
|  |           secretKeyRef: | ||||||
|  |             name: my-secret | ||||||
|  |             key: my-username-key | ||||||
|  |     template: templates/deployment.yaml | ||||||
|  |  | ||||||
|  | - it: Fail when existing secret name is undefined | ||||||
|  |   set: | ||||||
|  |     prometheus.metrics.enabled: true | ||||||
|  |     prometheus.metrics.secret.existing.enabled: true | ||||||
|  |     prometheus.metrics.secret.existing.basicAuthUsernameKey: "my-username-key" | ||||||
|  |     prometheus.metrics.secret.existing.basicAuthPasswordKey: "my-password-key" | ||||||
|  |     prometheus.metrics.secret.existing.secretName: "" | ||||||
|  |     prometheus.metrics.serviceMonitor.enabled: true | ||||||
|  |   asserts: | ||||||
|  |   - failedTemplate: | ||||||
|  |       errorMessage: "Name of the existing secret that contains the credentials for basic auth is not defined!" | ||||||
|  |     template: templates/deployment.yaml | ||||||
|  |  | ||||||
|  | - it: Fail when the name of the key in the secret that contains the username for basic auth is undefined | ||||||
|  |   set: | ||||||
|  |     prometheus.metrics.enabled: true | ||||||
|  |     prometheus.metrics.secret.existing.enabled: true | ||||||
|  |     prometheus.metrics.secret.existing.basicAuthUsernameKey: "" | ||||||
|  |     prometheus.metrics.secret.existing.basicAuthPasswordKey: "my-password-key" | ||||||
|  |     prometheus.metrics.secret.existing.secretName: "my-secret" | ||||||
|  |     prometheus.metrics.serviceMonitor.enabled: true | ||||||
|  |   asserts: | ||||||
|  |   - failedTemplate: | ||||||
|  |       errorMessage: "Name of the key in the secret that contains the username for basic auth is not defined!" | ||||||
|  |     template: templates/deployment.yaml | ||||||
|  |  | ||||||
|  | - it: Fail when the name of the key in the secret that contains the password for basic auth is undefined | ||||||
|  |   set: | ||||||
|  |     prometheus.metrics.enabled: true | ||||||
|  |     prometheus.metrics.secret.existing.enabled: true | ||||||
|  |     prometheus.metrics.secret.existing.basicAuthUsernameKey: "my-username-key" | ||||||
|  |     prometheus.metrics.secret.existing.basicAuthPasswordKey: "" | ||||||
|  |     prometheus.metrics.secret.existing.secretName: "my-secret" | ||||||
|  |     prometheus.metrics.serviceMonitor.enabled: true | ||||||
|  |   asserts: | ||||||
|  |   - failedTemplate: | ||||||
|  |       errorMessage: "Name of the key in the secret that contains the password for basic auth is not defined!" | ||||||
|  |     template: templates/deployment.yaml | ||||||
							
								
								
									
										179
									
								
								unittests/podMonitors/podMonitor.yaml
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										179
									
								
								unittests/podMonitors/podMonitor.yaml
									
									
									
									
									
										Normal file
									
								
							| @@ -0,0 +1,179 @@ | |||||||
|  | chart: | ||||||
|  |   appVersion: 0.1.0 | ||||||
|  |   version: 0.1.0 | ||||||
|  | suite: PodMonitor template | ||||||
|  | release: | ||||||
|  |   name: reposilite-unittest | ||||||
|  |   namespace: testing | ||||||
|  | templates: | ||||||
|  | - templates/podMonitor.yaml | ||||||
|  | tests: | ||||||
|  | - it: Skip podMonitor when metrics are disabled. | ||||||
|  |   set: | ||||||
|  |     prometheus.metrics.enabled: false | ||||||
|  |     prometheus.metrics.podMonitor.enabled: true | ||||||
|  |     prometheus.metrics.serviceMonitor.enabled: true | ||||||
|  |   asserts: | ||||||
|  |   - hasDocuments: | ||||||
|  |       count: 0 | ||||||
|  |  | ||||||
|  | - it: Skip podMonitor when podMonitor is disabled. | ||||||
|  |   set: | ||||||
|  |     prometheus.metrics.enabled: true | ||||||
|  |     prometheus.metrics.podMonitor.enabled: false | ||||||
|  |   asserts: | ||||||
|  |   - hasDocuments: | ||||||
|  |       count: 0 | ||||||
|  |  | ||||||
|  | - it: Skip podMonitor when both monitor types are enabled. | ||||||
|  |   set: | ||||||
|  |     prometheus.metrics.enabled: true | ||||||
|  |     prometheus.metrics.podMonitor.enabled: true | ||||||
|  |     prometheus.metrics.serviceMonitor.enabled: true | ||||||
|  |   asserts: | ||||||
|  |   - hasDocuments: | ||||||
|  |       count: 0 | ||||||
|  |  | ||||||
|  | - it: Rendering podMonitor with default values - enabled manually. | ||||||
|  |   set: | ||||||
|  |     prometheus.metrics.enabled: true | ||||||
|  |     prometheus.metrics.podMonitor.enabled: true | ||||||
|  |   asserts: | ||||||
|  |   - hasDocuments: | ||||||
|  |       count: 1 | ||||||
|  |   - containsDocument: | ||||||
|  |       apiVersion: monitoring.coreos.com/v1 | ||||||
|  |       kind: PodMonitor | ||||||
|  |       name: reposilite-unittest | ||||||
|  |       namespace: testing | ||||||
|  |   - notExists: | ||||||
|  |       path: metadata.annotations | ||||||
|  |   - equal: | ||||||
|  |       path: metadata.labels | ||||||
|  |       value: | ||||||
|  |         app.kubernetes.io/instance: reposilite-unittest | ||||||
|  |         app.kubernetes.io/managed-by: Helm | ||||||
|  |         app.kubernetes.io/name: reposilite | ||||||
|  |         app.kubernetes.io/version: 0.1.0 | ||||||
|  |         helm.sh/chart: reposilite-0.1.0 | ||||||
|  |   - isSubset: | ||||||
|  |       path: spec.podMetricsEndpoints[0].basicAuth | ||||||
|  |       content: | ||||||
|  |         password: | ||||||
|  |           key: password | ||||||
|  |           name: reposilite-unittest-basic-auth-credentials | ||||||
|  |         username: | ||||||
|  |           key: username | ||||||
|  |           name: reposilite-unittest-basic-auth-credentials | ||||||
|  |   - equal: | ||||||
|  |       path: spec.podMetricsEndpoints[0].enableHttp2 | ||||||
|  |       value: false | ||||||
|  |   - equal: | ||||||
|  |       path: spec.podMetricsEndpoints[0].followRedirects | ||||||
|  |       value: false | ||||||
|  |   - equal: | ||||||
|  |       path: spec.podMetricsEndpoints[0].honorLabels | ||||||
|  |       value: false | ||||||
|  |   - equal: | ||||||
|  |       path: spec.podMetricsEndpoints[0].interval | ||||||
|  |       value: 60s | ||||||
|  |   - equal: | ||||||
|  |       path: spec.podMetricsEndpoints[0].path | ||||||
|  |       value: /metrics | ||||||
|  |   - equal: | ||||||
|  |       path: spec.podMetricsEndpoints[0].port | ||||||
|  |       value: http | ||||||
|  |   - notExists: | ||||||
|  |       path: spec.podMetricsEndpoints[0].relabelings | ||||||
|  |   - equal: | ||||||
|  |       path: spec.podMetricsEndpoints[0].scrapeTimeout | ||||||
|  |       value: 30s | ||||||
|  |   - equal: | ||||||
|  |       path: spec.podMetricsEndpoints[0].scheme | ||||||
|  |       value: http | ||||||
|  |   - contains: | ||||||
|  |       path: spec.namespaceSelector.matchNames | ||||||
|  |       content: | ||||||
|  |         testing | ||||||
|  |   - equal: | ||||||
|  |       path: spec.selector.matchLabels | ||||||
|  |       value: | ||||||
|  |         app.kubernetes.io/instance: reposilite-unittest | ||||||
|  |         app.kubernetes.io/name: reposilite | ||||||
|  |  | ||||||
|  | - it: Render podMonitor with custom annotations and labels. | ||||||
|  |   set: | ||||||
|  |     prometheus.metrics.enabled: true | ||||||
|  |     prometheus.metrics.podMonitor.enabled: true | ||||||
|  |     prometheus.metrics.podMonitor.annotations: | ||||||
|  |       foo: bar | ||||||
|  |     prometheus.metrics.podMonitor.labels: | ||||||
|  |       bar: foo | ||||||
|  |   asserts: | ||||||
|  |   - equal: | ||||||
|  |       path: metadata.annotations | ||||||
|  |       value: | ||||||
|  |         foo: bar | ||||||
|  |   - equal: | ||||||
|  |       path: metadata.labels | ||||||
|  |       value: | ||||||
|  |         app.kubernetes.io/instance: reposilite-unittest | ||||||
|  |         app.kubernetes.io/managed-by: Helm | ||||||
|  |         app.kubernetes.io/name: reposilite | ||||||
|  |         app.kubernetes.io/version: 0.1.0 | ||||||
|  |         bar: foo | ||||||
|  |         helm.sh/chart: reposilite-0.1.0 | ||||||
|  |  | ||||||
|  | - it: Change defaults | ||||||
|  |   set: | ||||||
|  |     prometheus.metrics.enabled: true | ||||||
|  |     prometheus.metrics.podMonitor.enabled: true | ||||||
|  |     prometheus.metrics.podMonitor.enableHttp2: false | ||||||
|  |     prometheus.metrics.podMonitor.followRedirects: true | ||||||
|  |     prometheus.metrics.podMonitor.honorLabels: true | ||||||
|  |     prometheus.metrics.podMonitor.interval: "180s" | ||||||
|  |     prometheus.metrics.podMonitor.path: "/my-metrics" | ||||||
|  |     prometheus.metrics.podMonitor.port: "8443" | ||||||
|  |     prometheus.metrics.podMonitor.relabelings: | ||||||
|  |     - sourceLabels: [ container ] | ||||||
|  |       separator: ";" | ||||||
|  |       regex: "app" | ||||||
|  |       replacement: "$1" | ||||||
|  |       action: "drop" | ||||||
|  |     prometheus.metrics.podMonitor.scheme: https | ||||||
|  |     prometheus.metrics.podMonitor.scrapeTimeout: "5s" | ||||||
|  |   asserts: | ||||||
|  |   - hasDocuments: | ||||||
|  |       count: 1 | ||||||
|  |   - equal: | ||||||
|  |       path: spec.podMetricsEndpoints[0].enableHttp2 | ||||||
|  |       value: false | ||||||
|  |   - equal: | ||||||
|  |       path: spec.podMetricsEndpoints[0].followRedirects | ||||||
|  |       value: true | ||||||
|  |   - equal: | ||||||
|  |       path: spec.podMetricsEndpoints[0].honorLabels | ||||||
|  |       value: true | ||||||
|  |   - equal: | ||||||
|  |       path: spec.podMetricsEndpoints[0].interval | ||||||
|  |       value: 180s | ||||||
|  |   - equal: | ||||||
|  |       path: spec.podMetricsEndpoints[0].path | ||||||
|  |       value: /my-metrics | ||||||
|  |   - equal: | ||||||
|  |       path: spec.podMetricsEndpoints[0].port | ||||||
|  |       value: "8443" | ||||||
|  |   - contains: | ||||||
|  |       path: spec.podMetricsEndpoints[0].relabelings | ||||||
|  |       content: | ||||||
|  |         sourceLabels: [ container ] | ||||||
|  |         separator: ";" | ||||||
|  |         regex: "app" | ||||||
|  |         replacement: "$1" | ||||||
|  |         action: "drop" | ||||||
|  |   - equal: | ||||||
|  |       path: spec.podMetricsEndpoints[0].scrapeTimeout | ||||||
|  |       value: 5s | ||||||
|  |   - equal: | ||||||
|  |       path: spec.podMetricsEndpoints[0].scheme | ||||||
|  |       value: https | ||||||
							
								
								
									
										78
									
								
								unittests/secrets/basicAuth.yaml
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										78
									
								
								unittests/secrets/basicAuth.yaml
									
									
									
									
									
										Normal file
									
								
							| @@ -0,0 +1,78 @@ | |||||||
|  | chart: | ||||||
|  |   appVersion: 0.1.0 | ||||||
|  |   version: 0.1.0 | ||||||
|  | suite: Secret reposilite template | ||||||
|  | release: | ||||||
|  |   name: reposilite-unittest | ||||||
|  |   namespace: testing | ||||||
|  | templates: | ||||||
|  | - templates/secretPrometheusBasicAuth.yaml | ||||||
|  | tests: | ||||||
|  | - it: Skip rendering | ||||||
|  |   asserts: | ||||||
|  |   - hasDocuments: | ||||||
|  |       count: 0 | ||||||
|  |  | ||||||
|  | - it: Rendering secret with default values. | ||||||
|  |   set: | ||||||
|  |     prometheus.metrics.enabled: true | ||||||
|  |   asserts: | ||||||
|  |   - hasDocuments: | ||||||
|  |       count: 1 | ||||||
|  |   - containsDocument: | ||||||
|  |       apiVersion: v1 | ||||||
|  |       kind: Secret | ||||||
|  |       name: reposilite-unittest-basic-auth-credentials | ||||||
|  |       namespace: testing | ||||||
|  |   - notExists: | ||||||
|  |       path: metadata.annotations | ||||||
|  |   - equal: | ||||||
|  |       path: metadata.labels | ||||||
|  |       value: | ||||||
|  |         app.kubernetes.io/instance: reposilite-unittest | ||||||
|  |         app.kubernetes.io/managed-by: Helm | ||||||
|  |         app.kubernetes.io/name: reposilite | ||||||
|  |         app.kubernetes.io/version: 0.1.0 | ||||||
|  |         helm.sh/chart: reposilite-0.1.0 | ||||||
|  |   - exists: | ||||||
|  |       path: stringData.password | ||||||
|  |   - exists: | ||||||
|  |       path: stringData.username | ||||||
|  |  | ||||||
|  | - it: Rendering secret with custom values. | ||||||
|  |   set: | ||||||
|  |     prometheus.metrics.enabled: true | ||||||
|  |     prometheus.metrics.secret.new.basicAuthPassword: foo | ||||||
|  |     prometheus.metrics.secret.new.basicAuthUsername: bar | ||||||
|  |     prometheus.metrics.secret.new.annotations: | ||||||
|  |       foo: bar | ||||||
|  |     prometheus.metrics.secret.new.labels: | ||||||
|  |       bar: foo | ||||||
|  |   asserts: | ||||||
|  |   - hasDocuments: | ||||||
|  |       count: 1 | ||||||
|  |   - exists: | ||||||
|  |       path: metadata.annotations | ||||||
|  |       value: | ||||||
|  |         foo: bar | ||||||
|  |   - exists: | ||||||
|  |       path: metadata.labels | ||||||
|  |       value: | ||||||
|  |         bar: foo | ||||||
|  |   - equal: | ||||||
|  |       path: metadata.name | ||||||
|  |       value: reposilite-unittest-basic-auth-credentials | ||||||
|  |   - equal: | ||||||
|  |       path: stringData.password | ||||||
|  |       value: foo | ||||||
|  |   - equal: | ||||||
|  |       path: stringData.username | ||||||
|  |       value: bar | ||||||
|  |  | ||||||
|  | - it: Skip rendering if existing secret is used | ||||||
|  |   set: | ||||||
|  |     prometheus.metrics.enabled: true | ||||||
|  |     prometheus.metrics.secret.existing.enabled: true | ||||||
|  |   asserts: | ||||||
|  |   - hasDocuments: | ||||||
|  |       count: 0 | ||||||
							
								
								
									
										194
									
								
								unittests/serviceMonitors/serviceMonitor.yaml
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										194
									
								
								unittests/serviceMonitors/serviceMonitor.yaml
									
									
									
									
									
										Normal file
									
								
							| @@ -0,0 +1,194 @@ | |||||||
|  | chart: | ||||||
|  |   appVersion: 0.1.0 | ||||||
|  |   version: 0.1.0 | ||||||
|  | suite: ServiceMonitor template | ||||||
|  | release: | ||||||
|  |   name: reposilite-unittest | ||||||
|  |   namespace: testing | ||||||
|  | templates: | ||||||
|  | - templates/serviceMonitor.yaml | ||||||
|  | tests: | ||||||
|  | - it: Skip serviceMonitor when service is disabled. | ||||||
|  |   set: | ||||||
|  |     prometheus.metrics.enabled: true | ||||||
|  |     prometheus.metrics.serviceMonitor.enabled: true | ||||||
|  |     service.enabled: false | ||||||
|  |   asserts: | ||||||
|  |   - hasDocuments: | ||||||
|  |       count: 0 | ||||||
|  |  | ||||||
|  | - it: Skip serviceMonitor when metrics are disabled. | ||||||
|  |   set: | ||||||
|  |     prometheus.metrics.enabled: false | ||||||
|  |     prometheus.metrics.serviceMonitor.enabled: true | ||||||
|  |     services.http.enabled: true | ||||||
|  |   asserts: | ||||||
|  |   - hasDocuments: | ||||||
|  |       count: 0 | ||||||
|  |  | ||||||
|  | - it: Skip serviceMonitor when serviceMonitor is disabled. | ||||||
|  |   set: | ||||||
|  |     prometheus.metrics.enabled: true | ||||||
|  |     prometheus.metrics.serviceMonitor.enabled: false | ||||||
|  |     services.http.enabled: true | ||||||
|  |   asserts: | ||||||
|  |   - hasDocuments: | ||||||
|  |       count: 0 | ||||||
|  |  | ||||||
|  | - it: Rendering serviceMonitor with default values - enabled manually. | ||||||
|  |   set: | ||||||
|  |     prometheus.metrics.enabled: true | ||||||
|  |     prometheus.metrics.serviceMonitor.enabled: true | ||||||
|  |   asserts: | ||||||
|  |   - hasDocuments: | ||||||
|  |       count: 1 | ||||||
|  |   - containsDocument: | ||||||
|  |       apiVersion: monitoring.coreos.com/v1 | ||||||
|  |       kind: ServiceMonitor | ||||||
|  |       name: reposilite-unittest | ||||||
|  |       namespace: testing | ||||||
|  |   - notExists: | ||||||
|  |       path: metadata.annotations | ||||||
|  |   - equal: | ||||||
|  |       path: metadata.labels | ||||||
|  |       value: | ||||||
|  |         app.kubernetes.io/instance: reposilite-unittest | ||||||
|  |         app.kubernetes.io/managed-by: Helm | ||||||
|  |         app.kubernetes.io/name: reposilite | ||||||
|  |         app.kubernetes.io/version: 0.1.0 | ||||||
|  |         helm.sh/chart: reposilite-0.1.0 | ||||||
|  |   - isSubset: | ||||||
|  |       path: spec.endpoints[0].basicAuth | ||||||
|  |       content: | ||||||
|  |         password: | ||||||
|  |           key: password | ||||||
|  |           name: reposilite-unittest-basic-auth-credentials | ||||||
|  |         username: | ||||||
|  |           key: username | ||||||
|  |           name: reposilite-unittest-basic-auth-credentials | ||||||
|  |   - equal: | ||||||
|  |       path: spec.endpoints[0].enableHttp2 | ||||||
|  |       value: false | ||||||
|  |   - equal: | ||||||
|  |       path: spec.endpoints[0].followRedirects | ||||||
|  |       value: false | ||||||
|  |   - equal: | ||||||
|  |       path: spec.endpoints[0].honorLabels | ||||||
|  |       value: false | ||||||
|  |   - equal: | ||||||
|  |       path: spec.endpoints[0].interval | ||||||
|  |       value: 60s | ||||||
|  |   - equal: | ||||||
|  |       path: spec.endpoints[0].path | ||||||
|  |       value: /metrics | ||||||
|  |   - notExists: | ||||||
|  |       path: spec.endpoints[0].relabelings | ||||||
|  |   - equal: | ||||||
|  |       path: spec.endpoints[0].scrapeTimeout | ||||||
|  |       value: 30s | ||||||
|  |   - equal: | ||||||
|  |       path: spec.endpoints[0].scheme | ||||||
|  |       value: http | ||||||
|  |   - equal: | ||||||
|  |       path: spec.endpoints[0].port | ||||||
|  |       value: http | ||||||
|  |   - contains: | ||||||
|  |       path: spec.namespaceSelector.matchNames | ||||||
|  |       content: | ||||||
|  |         testing | ||||||
|  |   - equal: | ||||||
|  |       path: spec.selector.matchLabels | ||||||
|  |       value: | ||||||
|  |         app.kubernetes.io/instance: reposilite-unittest | ||||||
|  |         app.kubernetes.io/name: reposilite | ||||||
|  |         app.kubernetes.io/service-name: http | ||||||
|  |  | ||||||
|  | - it: Render serviceMonitor with custom annotations and labels. | ||||||
|  |   set: | ||||||
|  |     prometheus.metrics.enabled: true | ||||||
|  |     prometheus.metrics.serviceMonitor.enabled: true | ||||||
|  |     prometheus.metrics.serviceMonitor.annotations: | ||||||
|  |       foo: bar | ||||||
|  |     prometheus.metrics.serviceMonitor.labels: | ||||||
|  |       bar: foo | ||||||
|  |   asserts: | ||||||
|  |   - equal: | ||||||
|  |       path: metadata.annotations | ||||||
|  |       value: | ||||||
|  |         foo: bar | ||||||
|  |   - equal: | ||||||
|  |       path: metadata.labels | ||||||
|  |       value: | ||||||
|  |         app.kubernetes.io/instance: reposilite-unittest | ||||||
|  |         app.kubernetes.io/managed-by: Helm | ||||||
|  |         app.kubernetes.io/name: reposilite | ||||||
|  |         app.kubernetes.io/version: 0.1.0 | ||||||
|  |         bar: foo | ||||||
|  |         helm.sh/chart: reposilite-0.1.0 | ||||||
|  |  | ||||||
|  | - it: Change defaults | ||||||
|  |   set: | ||||||
|  |     prometheus.metrics.enabled: true | ||||||
|  |     prometheus.metrics.secret.existing.enabled: true | ||||||
|  |     prometheus.metrics.secret.existing.secretName: "my-secret" | ||||||
|  |     prometheus.metrics.secret.existing.basicAuthUsernameKey: "my-username-key" | ||||||
|  |     prometheus.metrics.secret.existing.basicAuthPasswordKey: "my-password-key" | ||||||
|  |     prometheus.metrics.serviceMonitor.enabled: true | ||||||
|  |     prometheus.metrics.serviceMonitor.enableHttp2: false | ||||||
|  |     prometheus.metrics.serviceMonitor.followRedirects: true | ||||||
|  |     prometheus.metrics.serviceMonitor.honorLabels: true | ||||||
|  |     prometheus.metrics.serviceMonitor.interval: "180s" | ||||||
|  |     prometheus.metrics.serviceMonitor.path: "/my-metrics" | ||||||
|  |     prometheus.metrics.serviceMonitor.relabelings: | ||||||
|  |     - sourceLabels: [ container ] | ||||||
|  |       separator: ";" | ||||||
|  |       regex: "app" | ||||||
|  |       replacement: "$1" | ||||||
|  |       action: "drop" | ||||||
|  |     prometheus.metrics.serviceMonitor.scrapeTimeout: "5s" | ||||||
|  |     prometheus.metrics.serviceMonitor.scheme: "https" | ||||||
|  |     service.scheme: https | ||||||
|  |   asserts: | ||||||
|  |   - hasDocuments: | ||||||
|  |       count: 1 | ||||||
|  |   - isSubset: | ||||||
|  |       path: spec.endpoints[0].basicAuth | ||||||
|  |       content: | ||||||
|  |         password: | ||||||
|  |           key: my-password-key | ||||||
|  |           name: my-secret | ||||||
|  |         username: | ||||||
|  |           key: my-username-key | ||||||
|  |           name: my-secret | ||||||
|  |   - equal: | ||||||
|  |       path: spec.endpoints[0].enableHttp2 | ||||||
|  |       value: false | ||||||
|  |   - equal: | ||||||
|  |       path: spec.endpoints[0].followRedirects | ||||||
|  |       value: true | ||||||
|  |   - equal: | ||||||
|  |       path: spec.endpoints[0].honorLabels | ||||||
|  |       value: true | ||||||
|  |   - equal: | ||||||
|  |       path: spec.endpoints[0].interval | ||||||
|  |       value: 180s | ||||||
|  |   - equal: | ||||||
|  |       path: spec.endpoints[0].path | ||||||
|  |       value: /my-metrics | ||||||
|  |   - equal: | ||||||
|  |       path: spec.endpoints[0].port | ||||||
|  |       value: https | ||||||
|  |   - contains: | ||||||
|  |       path: spec.endpoints[0].relabelings | ||||||
|  |       content: | ||||||
|  |         sourceLabels: [ container ] | ||||||
|  |         separator: ";" | ||||||
|  |         regex: "app" | ||||||
|  |         replacement: "$1" | ||||||
|  |         action: "drop" | ||||||
|  |   - equal: | ||||||
|  |       path: spec.endpoints[0].scrapeTimeout | ||||||
|  |       value: 5s | ||||||
|  |   - equal: | ||||||
|  |       path: spec.endpoints[0].scheme | ||||||
|  |       value: https | ||||||
| @@ -32,6 +32,7 @@ tests: | |||||||
|         app.kubernetes.io/instance: reposilite-unittest |         app.kubernetes.io/instance: reposilite-unittest | ||||||
|         app.kubernetes.io/managed-by: Helm |         app.kubernetes.io/managed-by: Helm | ||||||
|         app.kubernetes.io/name: reposilite |         app.kubernetes.io/name: reposilite | ||||||
|  |         app.kubernetes.io/service-name: http | ||||||
|         app.kubernetes.io/version: 0.1.0 |         app.kubernetes.io/version: 0.1.0 | ||||||
|         helm.sh/chart: reposilite-0.1.0 |         helm.sh/chart: reposilite-0.1.0 | ||||||
|   - notExists: |   - notExists: | ||||||
| @@ -86,6 +87,13 @@ tests: | |||||||
|   - failedTemplate: |   - failedTemplate: | ||||||
|     errorMessage: No service port defined! |     errorMessage: No service port defined! | ||||||
|  |  | ||||||
|  | - it: Require scheme. | ||||||
|  |   set: | ||||||
|  |     service.scheme: "" | ||||||
|  |   asserts: | ||||||
|  |   - failedTemplate: | ||||||
|  |     errorMessage: No service scheme defined! | ||||||
|  |  | ||||||
| - it: Require sessionAffinity. | - it: Require sessionAffinity. | ||||||
|   set: |   set: | ||||||
|     service.sessionAffinity: "" |     service.sessionAffinity: "" | ||||||
| @@ -106,6 +114,7 @@ tests: | |||||||
|       foo: bar |       foo: bar | ||||||
|     service.labels: |     service.labels: | ||||||
|       bar: foo |       bar: foo | ||||||
|  |     service.scheme: https | ||||||
|   asserts: |   asserts: | ||||||
|   - equal: |   - equal: | ||||||
|       path: metadata.annotations |       path: metadata.annotations | ||||||
| @@ -117,6 +126,7 @@ tests: | |||||||
|         app.kubernetes.io/instance: reposilite-unittest |         app.kubernetes.io/instance: reposilite-unittest | ||||||
|         app.kubernetes.io/managed-by: Helm |         app.kubernetes.io/managed-by: Helm | ||||||
|         app.kubernetes.io/name: reposilite |         app.kubernetes.io/name: reposilite | ||||||
|  |         app.kubernetes.io/service-name: https | ||||||
|         app.kubernetes.io/version: 0.1.0 |         app.kubernetes.io/version: 0.1.0 | ||||||
|         helm.sh/chart: reposilite-0.1.0 |         helm.sh/chart: reposilite-0.1.0 | ||||||
|         bar: foo |         bar: foo | ||||||
| @@ -134,6 +144,7 @@ tests: | |||||||
|     service.loadBalancerSourceRanges: |     service.loadBalancerSourceRanges: | ||||||
|     - "11.12.0.0/17" |     - "11.12.0.0/17" | ||||||
|     service.port: 10443 |     service.port: 10443 | ||||||
|  |     service.scheme: https | ||||||
|     service.sessionAffinity: ClientIP |     service.sessionAffinity: ClientIP | ||||||
|     service.type: LoadBalancer |     service.type: LoadBalancer | ||||||
|   asserts: |   asserts: | ||||||
| @@ -161,6 +172,9 @@ tests: | |||||||
|       path: spec.loadBalancerSourceRanges |       path: spec.loadBalancerSourceRanges | ||||||
|       value: |       value: | ||||||
|       - "11.12.0.0/17" |       - "11.12.0.0/17" | ||||||
|  |   - equal: | ||||||
|  |       path: spec.ports[0].name | ||||||
|  |       value: https | ||||||
|   - equal: |   - equal: | ||||||
|       path: spec.ports[0].port |       path: spec.ports[0].port | ||||||
|       value: 10443 |       value: 10443 | ||||||
|   | |||||||
							
								
								
									
										130
									
								
								values.yaml
									
									
									
									
									
								
							
							
						
						
									
										130
									
								
								values.yaml
									
									
									
									
									
								
							| @@ -6,6 +6,17 @@ | |||||||
| nameOverride: "" | nameOverride: "" | ||||||
| fullnameOverride: "" | fullnameOverride: "" | ||||||
|  |  | ||||||
|  |  | ||||||
|  | ## @section Config | ||||||
|  | config: | ||||||
|  |   plugins: | ||||||
|  |     ## @param config.plugins.prometheus.enabled Download the Prometheus plugin via an additional init container. The Prometheus plugin will automatically enabled, when Prometheus is enabled. | ||||||
|  |     ## @param config.plugins.prometheus.url URL to download the plugin. | ||||||
|  |     prometheus: | ||||||
|  |       enabled: false | ||||||
|  |       url: https://maven.reposilite.com/releases/com/reposilite/plugin/prometheus-plugin/{{ .Chart.AppVersion }}/prometheus-plugin-{{ .Chart.AppVersion }}-all.jar | ||||||
|  |  | ||||||
|  |  | ||||||
| ## @section Deployment | ## @section Deployment | ||||||
| deployment: | deployment: | ||||||
|   ## @param deployment.annotations Additional deployment annotations. |   ## @param deployment.annotations Additional deployment annotations. | ||||||
| @@ -149,6 +160,24 @@ deployment: | |||||||
|   ## @param deployment.nodeSelector NodeSelector of the Reposilite deployment. |   ## @param deployment.nodeSelector NodeSelector of the Reposilite deployment. | ||||||
|   nodeSelector: {} |   nodeSelector: {} | ||||||
|  |  | ||||||
|  |   pluginContainer: | ||||||
|  |     ## @param deployment.pluginContainer.args Arguments passed to the plugin container. | ||||||
|  |     args: | ||||||
|  |     - "--location" | ||||||
|  |     - "--fail" | ||||||
|  |     - "--max-time" | ||||||
|  |     - "60" | ||||||
|  |  | ||||||
|  |     ## @param deployment.pluginContainer.image.registry Image registry, eg. `docker.io`. | ||||||
|  |     ## @param deployment.pluginContainer.image.repository Image repository, eg. `curlimages/curl`. | ||||||
|  |     ## @param deployment.pluginContainer.image.tag Custom image tag, eg. `0.1.0`. | ||||||
|  |     ## @param deployment.pluginContainer.image.pullPolicy Image pull policy. | ||||||
|  |     image: | ||||||
|  |       registry: docker.io | ||||||
|  |       repository: curlimages/curl | ||||||
|  |       tag: "8.16.0" | ||||||
|  |       pullPolicy: IfNotPresent | ||||||
|  |  | ||||||
|   ## @param deployment.priorityClassName PriorityClassName of the Reposilite deployment. |   ## @param deployment.priorityClassName PriorityClassName of the Reposilite deployment. | ||||||
|   priorityClassName: "" |   priorityClassName: "" | ||||||
|  |  | ||||||
| @@ -183,13 +212,14 @@ deployment: | |||||||
|  |  | ||||||
|   ## @param deployment.topologySpreadConstraints TopologySpreadConstraints of the Reposilite deployment. |   ## @param deployment.topologySpreadConstraints TopologySpreadConstraints of the Reposilite deployment. | ||||||
|   topologySpreadConstraints: [] |   topologySpreadConstraints: [] | ||||||
|   # - topologyKey: kubernetes.io/hostname |   # - maxSkew: 1 | ||||||
|  |   #   topologyKey: kubernetes.io/hostname | ||||||
|   #   whenUnsatisfiable: DoNotSchedule |   #   whenUnsatisfiable: DoNotSchedule | ||||||
|   #   labelSelector: |   #   labelSelector: | ||||||
|   #     matchLabels: |   #     matchLabels: | ||||||
|   #       app.kubernetes.io/instance: prometheus-reposilite |   #       app.kubernetes.io/instance: reposilite | ||||||
|  |  | ||||||
|   ## @param deployment.volumes Additional volumes to mount into the pods of the prometheus-exporter deployment. |   ## @param deployment.volumes Additional volumes to mount into the pods of the reposilite deployment. | ||||||
|   volumes: [] |   volumes: [] | ||||||
|   # - name: my-configmap-volume |   # - name: my-configmap-volume | ||||||
|   #   config: |   #   config: | ||||||
| @@ -301,6 +331,11 @@ networkPolicy: | |||||||
|   #   - port: 53 |   #   - port: 53 | ||||||
|   #     protocol: UDP |   #     protocol: UDP | ||||||
|  |  | ||||||
|  |   ## Allow outgoing HTTP traffic. For example to download maven artifacts from Apache Maven Central or Reposlite plugins from upstream. | ||||||
|  |   # - ports: | ||||||
|  |   #   - port: 443 | ||||||
|  |   #     protocol: TCP | ||||||
|  |  | ||||||
|   ingress: [] |   ingress: [] | ||||||
|   # Allow incoming HTTP traffic from prometheus. |   # Allow incoming HTTP traffic from prometheus. | ||||||
|   # |   # | ||||||
| @@ -314,6 +349,8 @@ networkPolicy: | |||||||
|   #   ports: |   #   ports: | ||||||
|   #   - port: http |   #   - port: http | ||||||
|   #     protocol: TCP |   #     protocol: TCP | ||||||
|  |   #   - port: https | ||||||
|  |   #     protocol: TCP | ||||||
|  |  | ||||||
|   # Allow incoming HTTP traffic from ingress-nginx. |   # Allow incoming HTTP traffic from ingress-nginx. | ||||||
|   # |   # | ||||||
| @@ -327,6 +364,8 @@ networkPolicy: | |||||||
|   #   ports: |   #   ports: | ||||||
|   #   - port: http |   #   - port: http | ||||||
|   #     protocol: TCP |   #     protocol: TCP | ||||||
|  |   #   - port: https | ||||||
|  |   #     protocol: TCP | ||||||
|  |  | ||||||
|  |  | ||||||
| ## @section Persistent Volume Claim | ## @section Persistent Volume Claim | ||||||
| @@ -355,6 +394,89 @@ persistentVolumeClaim: | |||||||
|     storageClass: "" |     storageClass: "" | ||||||
|  |  | ||||||
|  |  | ||||||
|  | ## @section Prometheus | ||||||
|  | prometheus: | ||||||
|  |   metrics: | ||||||
|  |     ## @param prometheus.metrics.enabled Enable of scraping metrics by Prometheus. | ||||||
|  |     enabled: false | ||||||
|  |  | ||||||
|  |     secret: | ||||||
|  |       ## @param prometheus.metrics.secret.existing.enabled Use an existing secret containing the basic auth credentials. | ||||||
|  |       ## @param prometheus.metrics.secret.existing.secretName Name of the secret containing the basic auth credentials. | ||||||
|  |       ## @param prometheus.metrics.secret.existing.basicAuthUsernameKey Name of the key in the secret that contains the username for basic auth. | ||||||
|  |       ## @param prometheus.metrics.secret.existing.basicAuthPasswordKey Name of the key in the secret that contains the password for basic auth. | ||||||
|  |       existing: | ||||||
|  |         enabled: false | ||||||
|  |         secretName: "" | ||||||
|  |         basicAuthUsernameKey: "" | ||||||
|  |         basicAuthPasswordKey: "" | ||||||
|  |  | ||||||
|  |       ## @param prometheus.metrics.secret.new.annotations Additional secret annotations. | ||||||
|  |       ## @param prometheus.metrics.secret.new.labels Additional secret labels. | ||||||
|  |       ## @param prometheus.metrics.secret.new.basicAuthUsername Username for basic auth. The username and password is required by reposilite to expose metrics. Default: random alpha numeric string. | ||||||
|  |       ## @param prometheus.metrics.secret.new.basicAuthPassword Password for basic auth. The username and password is required by reposilite to expose metrics. Default random alpha numeric string. | ||||||
|  |       new: | ||||||
|  |         annotations: {} | ||||||
|  |         labels: {} | ||||||
|  |         basicAuthUsername: "" | ||||||
|  |         basicAuthPassword: "" | ||||||
|  |  | ||||||
|  |     ## @param prometheus.metrics.podMonitor.enabled Enable creation of a podMonitor. Excludes the existence of a serviceMonitor resource. | ||||||
|  |     ## @param prometheus.metrics.podMonitor.annotations Additional podMonitor annotations. | ||||||
|  |     ## @param prometheus.metrics.podMonitor.enableHttp2 Enable HTTP2. | ||||||
|  |     ## @param prometheus.metrics.podMonitor.followRedirects FollowRedirects configures whether scrape requests follow HTTP 3xx redirects. | ||||||
|  |     ## @param prometheus.metrics.podMonitor.honorLabels Honor labels. | ||||||
|  |     ## @param prometheus.metrics.podMonitor.labels Additional podMonitor labels. | ||||||
|  |     ## @param prometheus.metrics.podMonitor.interval Interval at which metrics should be scraped. If not specified Prometheus' global scrape interval is used. | ||||||
|  |     ## @param prometheus.metrics.podMonitor.path HTTP path of the Reposilite pod for scraping Prometheus metrics. | ||||||
|  |     ## @param prometheus.metrics.podMonitor.port HTTP port of the Reposilite pod for scraping Prometheus metrics. | ||||||
|  |     ## @param prometheus.metrics.podMonitor.relabelings RelabelConfigs to apply to samples before scraping. Prometheus Operator automatically adds relabelings for a few standard Kubernetes fields. | ||||||
|  |     ## @param prometheus.metrics.podMonitor.scrapeTimeout Timeout after which the scrape is ended. If not specified, global Prometheus scrape timeout is used. | ||||||
|  |     ## @param prometheus.metrics.podMonitor.scheme HTTP scheme to use for scraping. For example `http` or `https`. | ||||||
|  |     ## @param prometheus.metrics.podMonitor.tlsConfig TLS configuration to use when scraping the metric endpoint by Prometheus. | ||||||
|  |     ## @skip prometheus.metrics.podMonitor.tlsConfig Skip individual TLS configuration. | ||||||
|  |     podMonitor: | ||||||
|  |       enabled: false | ||||||
|  |       annotations: {} | ||||||
|  |       enableHttp2: false | ||||||
|  |       followRedirects: false | ||||||
|  |       honorLabels: false | ||||||
|  |       labels: {} | ||||||
|  |       interval: "60s" | ||||||
|  |       path: "/metrics" | ||||||
|  |       port: "http" | ||||||
|  |       relabelings: [] | ||||||
|  |       scrapeTimeout: "30s" | ||||||
|  |       scheme: "http" | ||||||
|  |       tlsConfig: {} | ||||||
|  |  | ||||||
|  |     ## @param prometheus.metrics.serviceMonitor.enabled Enable creation of a serviceMonitor. Excludes the existence of a podMonitor resource. | ||||||
|  |     ## @param prometheus.metrics.serviceMonitor.annotations Additional serviceMonitor annotations. | ||||||
|  |     ## @param prometheus.metrics.serviceMonitor.labels Additional serviceMonitor labels. | ||||||
|  |     ## @param prometheus.metrics.serviceMonitor.enableHttp2 Enable HTTP2. | ||||||
|  |     ## @param prometheus.metrics.serviceMonitor.followRedirects FollowRedirects configures whether scrape requests follow HTTP 3xx redirects. | ||||||
|  |     ## @param prometheus.metrics.serviceMonitor.honorLabels Honor labels. | ||||||
|  |     ## @param prometheus.metrics.serviceMonitor.interval Interval at which metrics should be scraped. If not specified Prometheus' global scrape interval is used. | ||||||
|  |     ## @param prometheus.metrics.serviceMonitor.path HTTP path for scraping Prometheus metrics. | ||||||
|  |     ## @param prometheus.metrics.serviceMonitor.relabelings RelabelConfigs to apply to samples before scraping. Prometheus Operator automatically adds relabelings for a few standard Kubernetes fields. | ||||||
|  |     ## @param prometheus.metrics.serviceMonitor.scrapeTimeout Timeout after which the scrape is ended. If not specified, global Prometheus scrape timeout is used. | ||||||
|  |     ## @param prometheus.metrics.serviceMonitor.scheme HTTP scheme to use for scraping. For example `http` or `https`. | ||||||
|  |     ## @param prometheus.metrics.serviceMonitor.tlsConfig TLS configuration to use when scraping the metric endpoint by Prometheus. | ||||||
|  |     ## @skip prometheus.metrics.serviceMonitor.tlsConfig Skip individual TLS configuration. | ||||||
|  |     serviceMonitor: | ||||||
|  |       enabled: false | ||||||
|  |       annotations: {} | ||||||
|  |       labels: {} | ||||||
|  |       enableHttp2: false | ||||||
|  |       followRedirects: false | ||||||
|  |       honorLabels: false | ||||||
|  |       interval: "60s" | ||||||
|  |       path: "/metrics" | ||||||
|  |       relabelings: [] | ||||||
|  |       scrapeTimeout: "30s" | ||||||
|  |       scheme: "http" | ||||||
|  |       tlsConfig: {} | ||||||
|  |  | ||||||
| ## @section Service | ## @section Service | ||||||
| ## @param service.enabled Enable the service. | ## @param service.enabled Enable the service. | ||||||
| ## @param service.annotations Additional service annotations. | ## @param service.annotations Additional service annotations. | ||||||
| @@ -367,6 +489,7 @@ persistentVolumeClaim: | |||||||
| ## @param service.loadBalancerIP LoadBalancer will get created with the IP specified in this field. Requires service from type `LoadBalancer`. | ## @param service.loadBalancerIP LoadBalancer will get created with the IP specified in this field. Requires service from type `LoadBalancer`. | ||||||
| ## @param service.loadBalancerSourceRanges Source range filter for LoadBalancer. Requires service from type `LoadBalancer`. | ## @param service.loadBalancerSourceRanges Source range filter for LoadBalancer. Requires service from type `LoadBalancer`. | ||||||
| ## @param service.port Port to forward the traffic to. | ## @param service.port Port to forward the traffic to. | ||||||
|  | ## @param service.scheme Name of the service port. This name is also used as scheme / port name of the service monitor resource. | ||||||
| ## @param service.sessionAffinity Supports `ClientIP` and `None`. Enable client IP based session affinity via `ClientIP`. | ## @param service.sessionAffinity Supports `ClientIP` and `None`. Enable client IP based session affinity via `ClientIP`. | ||||||
| ## @param service.sessionAffinityConfig Contains the configuration of the session affinity. | ## @param service.sessionAffinityConfig Contains the configuration of the session affinity. | ||||||
| ## @param service.type Kubernetes service type for the traffic. | ## @param service.type Kubernetes service type for the traffic. | ||||||
| @@ -382,6 +505,7 @@ service: | |||||||
|   loadBalancerIP: "" |   loadBalancerIP: "" | ||||||
|   loadBalancerSourceRanges: [] |   loadBalancerSourceRanges: [] | ||||||
|   port: 8080 |   port: 8080 | ||||||
|  |   scheme: http | ||||||
|   sessionAffinity: "None" |   sessionAffinity: "None" | ||||||
|   sessionAffinityConfig: {} |   sessionAffinityConfig: {} | ||||||
|   type: "ClusterIP" |   type: "ClusterIP" | ||||||
|   | |||||||
		Reference in New Issue
	
	Block a user